DogeRAT Malware Is Out And The Price Of Entry For Threat Actors Is Insanely Low
Discovered by researchers at CloudSEK, a malware campaign called DogeRAT has been observed impersonating legitimate Android apps in the BFSI (banking, financial services and insurance), e-commerce and entertainment categories. DogeRAT is built on open source Android malware and uses Java-based server-side code to handle communication between the malware and a Telegram bot. It then uses a web view to show a seemingly legitimate URL on the victim's device. Upon installation, the malware requires various permissions, after which malicious activities commence, such as making unauthorized payments, altering files and taking screenshots.
Mark Bermingham, VP, Cyware, had this to say:
“Imagine the scale required to generate tangible profit from a $30 offering. The fact that commercial malware offerings are available and that threat actors can profit from a widespread lack of cyber diligence offers sad perspective on the state of preparedness prevalent across the industry. These attacks will be picked up and blocked by moderately diligent security. The goal should be to move more organizations over this line. The tools exist. Some vendors de-complicate security. Endeavor to partner with these types of vendors and minimize a significant worry from your business operations.”
The price of cyber crime has dropped to the point that anyone can be a threat actor. That’s pretty scary, and it means that we should all be taking the steps in the CloudSEK article to make sure that we don’t fall victim to this malware campaign.
This entry was posted on June 1, 2023 at 9:09 am and is filed under Commentary.