Can I see WhatsApp messages with AndroRAT

Do-it-yourself Android Trojans

A Remote Administration Toolkit (RAT) for Android is circulating on the net, which apparently can be used to trojanize any Android app. AndroRAT allows its master, among other things, access to SMS messages, GPS coordinates, camera and microphone - without the smartphone owner noticing anything.

Although AndroRAT is arguably the first remote administration toolkit for Android, the developers are trying not to capitalize on it. You have made the source code available to everyone on GitHub. According to the project description, the tool was created by a four-person development team as part of a university project. "The goal of the application is to remotely control the Android system and get information from it," it says.

In addition, the RAT offers a considerable range of functions: it should be able to transmit the address book, call lists and GPS coordinates, send and read SMS messages and initiate calls on demand. In addition, according to the developers, it can take photos with the smartphone camera and even turn the phone into a bug. The RAT is controlled via the one server that is also available in the source code. AndroRAT also delivers the collected data to the server.

It is not surprising that this program description makes cyber crooks mouth watering. In the relevant underground forums you can find detailed instructions on how to build an executable spy app from the source code. In addition, there has recently even been an APK binder that injects AndroRAT into legitimate Android apps, as reported by Symantec. For a mere 37 US dollars, anyone is able to bring their own Trojan apps into circulation.

According to Symantec, the spread of AndroRAT is still manageable: The manufacturer's antivirus apps have only reported a few hundred infections so far, most of them in the USA and Turkey. According to the security firm, the availability of the APK Binder has recently caused an increase that is set to continue. (rei)

Read comments (89) Go to homepage
Ad ad