⚠ Information provided in this blog is for educational purposes only and is meant to increase awareness among people to help protect themselves against increasing cybercrime. ⚠
What is RAT?
RAT is an acronym for Remote Access Trojan, or more commonly Remote Administration Tool.
A RAT is a malicious software which when installed in a victim’s computer or smartphone gives its ‘administrative’ access to a malicious actor(most probably a hacker with bad intent), which allows him to ‘remotely’ execute any arbitrary tasks or scripts on the victim’s computer.
RATs are used mainly to spy on someone as they can give a malicious actor access to the microphone, camera, and local storage of the infected device(Computer or smartphone infiltrated by a RAT). Mainly RATs are deployed on a victim’s device by attaching them to another harmless-looking software or application to avoid suspicion and their detection.
They can also be installed as standalone software or application but it will increase their chances of detection and deletion by the user. Mainly Social Engineering is used to trick the user(victim) into installing these malicious softwares.
There are two types of RATs:
1. Non-Persistent–These types of RAT can be deleted completely from an infected device by completely formatting the device storage or by factory resetting.
2. Persistent- These are more dangerous type of RATs as they can reinstall themselves even after formatting the storage of the infected device.
In this blog, we will focus on Android RATs.
What are Android RATs?
Android RATs are Remote Administration Tools, specifically made to be installed on and infect Android smartphones.
These RATs can also be installed by attaching them to a harmless-looking application or can be installed as a standalone .apk(format of android application) package.
There are several free and easy-to-use softwares available that can make a harmless-looking RAT apk in less than a minute with different types of options for decreasing detectability and increasing the Accessibility of the malicious apk, these options range from making apk hidden to allowing apk to have superuser access.
Metasploit, spy-note, androRAT, Ah-Myth are some softwares that can be used to make such malicious files, these softwares are used mainly by Cyber Security Professional to test the security of their system and network and mitigate any vulnerabilities, but malicious actors use these softwares to cause harm and wreak havoc among people.
How to prevent your android smartphone from getting affected by these RATs?
First and foremost, do not install any android application from unknown sources, i.e., sources other than the Google Play store.
Do not install apps that are downloaded automatically by clicking on a link for e.g. apps that are circulated as apk or through a link on any social media.
Keep your Android Smartphone updated.
Google Play protect can detect and warn if any malicious app is present on your device. By default it is turned on but you can check and turn it on in the case, inside the Play store.
Rooting a device also makes it more vulnerable to a RAT and can also leverage a RAT’s working ability as rooting a device remove the pre-installed security features and diminish the layer of abstraction between the internal and installed app processes, Rooted devices are also prone to persitent type of RAT.
How to detect a RAT?
The existence of a RAT can be deduced by checking if after installing an application on your smartphone, its battery consumption and internet usage are substantially increased, even when it is left idle.
If an app requires extensive permissions and administrative rights, it might be a harmful app.
You can also check apps that are installed and which come pre-installed on your device and if you find any applications that are not installed by you and you can uninstall them.
Since these digital machines have become an integral part of our lives, we should be aware of their security and be vigilant to avoid falling victim to their exploitation.
There’s no system foolproof enough to defeat a sufficiently great fool.
– Edward Teller
Thank you for your time (Suneet Singh).
Contact Suneet Singh
¡Read more of his work here! (Medium profile)