Cybercriminals are constantly looking for new ways to infiltrate devices and circumvent users’ security in order to steal information and money. Now the cybersecurity company Zimperium has reported on malware called RatMilad, which can steal information and record audio remotely without victims knowing.
According to the report, the data obtained by the criminals behind this malware could be used to gain access to company systems, to extort the victim, or for other purposes that add to the victim's sense of insecurity.
How does RatMilad work?
Currently, it is located somewhere in the Middle East. However, this does not imply that users in Europe or Latin America are safe from its activities or that they are less vulnerable.
This malware is usually spread through the Telegram instant messaging application, since it cannot use any application in the Google Play Store as a means of download. According to Zimperium, what the user downloads is a virtual number generator called NumRent, and once it is installed the malware immediately abuses the permissions the app requests in order to download malware.
After being successfully installed, RatMilad proceeds to steal basic information available on the device: the contact list, text messages, call logs, installed applications along with their granted permissions, GPS location, information stored on the SIM card, and downloaded files, among other data.
The malware does not stop at acquiring this information. It can also delete it, modify the permissions of applications that are already installed, and use the device’s microphone to record users without their consent.
The recommendation is to install antivirus software and avoid risky downloads: get apps from the Google Play Store and do not open suspicious links sent by unknown accounts, although the same caution should also be applied to profiles of close friends.
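As an added example (not code from Zimperium or from the original article), the following Python sketch shows how a defender could triage an app inventory for the profile described above: an app that did not come from the Google Play Store and holds permissions covering several of the data categories listed. The inventory format, the package names, the category-to-permission mapping and the threshold of three are assumptions made for illustration.

```python
# Added example: inventory format and package names are constructed for illustration.
PLAY_STORE = "com.android.vending"  # installer package name of Google Play

# Assumed mapping: data category named in the article -> Android permission guarding it
SENSITIVE = {
    "contacts": "android.permission.READ_CONTACTS",
    "text messages": "android.permission.READ_SMS",
    "call logs": "android.permission.READ_CALL_LOG",
    "GPS location": "android.permission.ACCESS_FINE_LOCATION",
    "SIM information": "android.permission.READ_PHONE_STATE",
    "downloaded files": "android.permission.READ_EXTERNAL_STORAGE",
    "microphone": "android.permission.RECORD_AUDIO",
}

# Constructed sample, one app per line: "package|installer|granted permissions"
SAMPLE_INVENTORY = """\
com.example.maps|com.android.vending|android.permission.ACCESS_FINE_LOCATION
com.example.numgen|-|android.permission.READ_CONTACTS,android.permission.READ_SMS,android.permission.READ_CALL_LOG,android.permission.RECORD_AUDIO,android.permission.ACCESS_FINE_LOCATION
com.example.notes|-|android.permission.READ_EXTERNAL_STORAGE
malformed line without separators
"""

def parse_inventory(text):
    """Return (package, installer or None, set of permissions) per valid line."""
    apps = []
    for line in text.splitlines():
        parts = line.strip().split("|")
        if len(parts) != 3 or not parts[0]:
            continue  # skip blank or malformed lines instead of failing
        pkg, installer, perms = parts
        granted = {p.strip() for p in perms.split(",") if p.strip()}
        apps.append((pkg, None if installer in ("", "-") else installer, granted))
    return apps

def triage(apps, threshold=3):
    """Flag apps not installed by Google Play that cover >= threshold categories."""
    findings = []
    for pkg, installer, granted in apps:
        if installer == PLAY_STORE:
            continue
        hits = sorted(cat for cat, perm in SENSITIVE.items() if perm in granted)
        if len(hits) >= threshold:
            findings.append({"package": pkg, "installer": installer, "categories": hits})
    return findings

if __name__ == "__main__":
    for f in triage(parse_inventory(SAMPLE_INVENTORY)):
        print(f"REVIEW {f['package']}: sideloaded, holds {', '.join(f['categories'])}")
```

A flagged app is a candidate for manual review, not a confirmed infection; legitimate sideloaded apps can hold the same permissions.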