Android users warned over new spyware that records calls and accesses camera and data

A US mobile security firm is raising the alarm on a new form of Android spyware enabling a disturbing level of remote access capability.

Disguised inside an app and shared on social media, the spyware – called RatMilad by the mobile device and app security company Zimperium, which uncovered it – allows hackers to spy on victims through their phone cameras and record their phone calls.

It can also access and collect data from contact and SMS lists, call logs, GPS locations and read, write and delete files, as well as change device and app permissions.

Watch the latest news and stream for free on 7plus >>

“The attackers could access the camera to take pictures, record video and audio, get precise GPS locations, view pictures from the device, and more,” Zimperium warned in a blog post.

“The data stolen from these devices could be used to access private corporate systems, blackmail a victim, and more.

“The malicious actors could then produce notes on the victim, download any stolen materials, and gather intelligence for other nefarious practices.”

Android malware enabling a disturbing level of remote access on mobile phones has been found inside a fake and malicious app called NumRent. Credit: SOPA Images/SOPA Images/LightRocket via Gett

The spyware is currently targeting Middle Eastern enterprise devices (mobile devices linked to businesses), and the Zimperium zLabs research team found the original variant hiding behind a VPN and inside a phone number spoofing app called NumRent, a renamed and graphically updated version of Text Me .

Phone number spoofing is commonly used by scammers to allow the user to make calls and texts from a fake caller ID, as well as verify multiple accounts.

RatMilad spyware has not been found in any Android app store but download links are being shared on social media and through communication tools, according to Zimperium.

The developers have even created a legitimate-looking website for NumRent with download prompts.

“The malicious actors have also developed a product website advertising the app to socially engineer victims into believing it is legitimate,” Zimperium said.

The product website developed by the hackers. Credit: Supplied

In this case, the app prompts the user to accept certain permissions and sideload a toolkit which installs RatMilad and enables remote access from the malicious actor.

“Spyware such as RatMilad is designed to run silently in the background, constantly spying on its victims without raising suspicion,” Zimperium said.

“For any device that has been compromised by spyware, the malicious actors behind RatMilad have potentially gathered significant amounts of personal and corporate information on their victims, including private communications and photos.”

‘Scrubs’ producer charged with sexual assault.

‘Scrubs’ producer charged with sexual assault.


Leave a Comment