KevDroid Bites

Written by:
Lucie Sadler
Date Posted:
4 April 2018
Category:
Security

I smell a RAT

Malware has been discovered on Android devices, spread via a fake anti-virus app called Naver Defender. But actually, it’s not defending you.

It’s a backdoor to Naughty People so that they can secretly record phone calls and steal private data from infected devices. Security researchers at Cisco Talos identified the Malware as a Remote Access Trojan (RAT), and a few variants have been identified so far. They’ve called it KevDroid.

KevDroid can steal your contacts, messages and phone history. KevDroid isn’t your mate, he’s well hard.

This particular type of Malware uses an open source library that’s available on GitHub to gain the ability to record calls etc from the compromised android device.

Kev can:

  • Record phone calls & audio
  • Steal web history and files
  • Gain root access
  • Steal call logs, SMS, emails
  • Collect device location every 10 seconds
  • Collect a list of installed applications
  • Send stolen data to attacker-controlled C2 servers

As ever, we’re all concerned about what could happen to the information. No one likes their personals spread all over the internet.

The usual PSA, but Android users should: cross-check apps, never install from 3rd party stores, always use Google Play Protect, and enable the ‘verify apps’ feature in your settings. Oh and always back up on the reg and update patches.

Rating: 5.0/5. From 1 vote.
Please wait...

 

Leave a Reply

avatar
  Subscribe  
Notify of

Hyve are 100% carbon neutral. We use carbon offsetting to balance out the release of carbon dioxide from our offices and infrastructure.