New Delhi (India), 31st May 2023: As part of a complex malware campaign, a new open source remote access trojan (RAT) named DogeRAT is targeting Android users especially in India.
Under the guise of legal applications such as Opera Mini, OpenAI ChatGPT, and Premium versions of YouTube, Netflix, and Instagram, the malware is being distributed via social media and messaging systems.
A cybersecurity firm stated, “Once installed on a victim’s device, the malware gains unauthorised access to sensitive data, including contacts, messages, and banking credentials.”
Drawing attention to the threat posed by this malware the firm added, “It can also take control of the infected device, enabling malicious actions such as sending spam messages, making unauthorised payments, modifying files, and even remotely capturing photos through the device’s cameras.”
DogeRAT, like many other malware-as-a-service (MaaS) products, is pushed by its India-based developer via a Telegram channel with over 2,100 users since its inception on June 9, 2022.
This also contains a premium subscription for $30 that offers other features including screenshotting, stealing photos, capturing clipboard material, and logging keystrokes.
To make it more accessible to other criminal actors, the free version of DogeRAT has been made available on GitHub, along with screenshots and video tutorials demonstrating its functionalities.
Upon installation, the Java-based malware seeks intrusive permissions in order to accomplish its data-gathering goals before sending it to a Telegram bot.
However the developer of the malware in an attempt to wash away any responsibility has a note that states, “We do not endorse any illegal or unethical use of this tool. The user assumes all responsibility for the use of this software.”
