14 C
Jaipur
Sunday, November 22, 2020

GravityRAT Windows Malware Now Affects Android and macOS

Must read

Chiefs vs Raiders live stream: how to watch NFL Sunday Night Football from anywhere

We all know what happened the last time these two faced off. Week 5 produced the first major shock of the season, and Andy...

Dyson V10 Absolute down to just AU$764 in this Black Friday sale

Dyson Australia isn't waiting for November 27 to come round, having kicked off its own Black Friday sale early. And while we were hoping...

Black Friday PS4 accessory deals: save on PS4 headsets, external storage and PS Plus

Looking for a great Black Friday PS4 accessories deal? Then look no further. While there may not be a mountain of Black Friday PS4...

Packers vs Colts live stream: how to watch the NFL week 11 game from anywhere today

The Packers are in action at Lucas Oil Stadium this afternoon, where they'll be hosted by the Colts in what could be a brilliant...

Back in 2017, the Indian Computer Emergency Response Team (CERT-IN) discovered the existence of GravityRAT spyware. The spyware, believed to be operated by Pakistani hacker groups, seems to have made a comeback with support for multiple platforms.

GravityRAT is known to be in existence since 2015. While GravityRAT previously targeted just Windows PCs, the latest detection by the researchers at Kaspersky has found that the remote access trojan now affects Android and macOS as well.

The Android version of GravityRAT spyware was spotted on an altered version of an open-source travel app named Travel Mate. The attackers altered the app by adding malicious code and released it under the name ‘Travel Mate Pro’. Similarly, the attackers created an adult comics Android app to spread the malware. On macOS, the malicious actors operate the malware through apps named Enigma and Titanium.

Below are the capabilities of GravityRAT, as detailed by Kaspersky researchers:

  • get information about the system
  • search for files on the computer and removable disks with the extensions .doc, .docx, .ppt, .pptx, .xls, .xlsx, .pdf, .odt, .odp, and .ods, and upload them to the server
  • get a list of running processes
  • intercept keystrokes
  • take screenshots
  • execute arbitrary shell commands
  • record audio (not implemented in this version)
  • scan ports

“Cunning disguise and an expanded OS portfolio not only allow us to say that we can expect more incidents with this malware in the APAC region, but this also supports the wider trend that malicious users are not necessarily focused on developing new malware, but developing proven ones instead, in an attempt to be as successful as possible,” said Tatyana Shishkova, security expert at Kaspersky.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Chiefs vs Raiders live stream: how to watch NFL Sunday Night Football from anywhere

We all know what happened the last time these two faced off. Week 5 produced the first major shock of the season, and Andy...

Dyson V10 Absolute down to just AU$764 in this Black Friday sale

Dyson Australia isn't waiting for November 27 to come round, having kicked off its own Black Friday sale early. And while we were hoping...

Black Friday PS4 accessory deals: save on PS4 headsets, external storage and PS Plus

Looking for a great Black Friday PS4 accessories deal? Then look no further. While there may not be a mountain of Black Friday PS4...

Packers vs Colts live stream: how to watch the NFL week 11 game from anywhere today

The Packers are in action at Lucas Oil Stadium this afternoon, where they'll be hosted by the Colts in what could be a brilliant...

Dolphins vs Broncos live stream: how to watch NFL week 11 game from anywhere today

Fins fans have had to be patient, but Brian Flores' rebuilding effort down in Florida is really starting to come good. After a sluggish...