Windows GravityRAT Malware Now Also Targets macOS and Android Devices
Security News, October 2020
A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices.
According to cybersecurity firm Kaspersky, the malware - dubbed "GravityRAT" - now masquerades as legitimate Android and macOS apps to capture device data, contact lists, e-mail addresses, and call and text logs and transmit them to an attacker-controlled server.
First documented by the Indian Computer Emergency Response Team in August 2017 and subsequently by Cisco Talos in April 2018, GravityRAT has been known to target Indian entities and organizations via malware-laced Microsoft Office Word documents at least since 2015.
Even as the latest evolution of GravityRAT goes beyond anti-malware evasion capabilities to gain multi-platform support - including Android and macOS - the overall modus operandi remains the same: sending targets links to booby-trapped Android and macOS apps to distribute the malware.
"Our investigation indicated that the actor behind GravityRAT is continuing to invest in its spying capacities," Kaspersky's Tatyana Shishkova said.