
"The Android ecosystem has a worrying new threat. Researchers at Certo have identified a new remote access trojan that is being distributed under the name RadzaRat. The malware is presented as a simple file management application. However, it contains extensive functions for surveillance, data theft, and remote control. It is striking that no known security solution currently recognizes the application as malicious. This increases the risk for users."
"RadzaRat appears at a time when malware-as-a-service is becoming increasingly accessible. The developer, active on criminal forums under the pseudonym Heron44, explicitly targets users with little technical knowledge. According to these forums, setting up the Trojan is hardly complicated. Attackers only need a free hosting environment, a Telegram bot, and a device on which the app is installed with the necessary permissions."
"Under the hood, RadzaRat contains an extensive set of features. The Trojan has full access to the device's file system and allows attackers to search folders, retrieve specific files, and download large data files. An analysis of the app's structure shows that the file manager interface not only serves as a disguise, but also forms the starting point for these operations."
RadzaRat is a remote access trojan for Android disguised as a file manager and capable of surveillance, data theft, and remote control. The malware grants full access to the device file system, enabling folder searches, file retrieval, and large data downloads. The trojan records keystrokes by abusing Android accessibility services, capturing input such as passwords and communications. The developer markets the tool on criminal forums under the pseudonym Heron44 and advertises an easy setup that needs only free hosting, a Telegram bot, and a device on which the app is installed with the necessary permissions. The app is hosted on a public GitHub repository, uses a debug certificate, and is not currently detected by known security solutions, raising user risk.
#android-malware #remote-access-trojan #data-exfiltration #accessibility-abuse #malware-as-a-service
Read at Techzine Global