A mobile security firm Zimperium has recently reported discovering a new strain of Android malware, which it calls ‘RatMilad’, that’s been targeting mobile devices in the Middle East. According to the researchers at Zimperium, the malware can be used for cyber espionage or eavesdropping on a victim’s mobile resulting in extortion demands and other consequences.
Capable of recording both audio and video, RatMilad allows attackers to listen to your calls, view video calls and even steal important information like your internet banking passwords. To top it all off, it can even be used to change app permissions thus exploiting the victim's mobile to its advantage.
What is RatMilad Android Malware?
RatMilad belongs to the Remote Access Trojan (RAT) Malware category that possesses spying capabilities. The malware is distributed through fake applications like NumRent(a VPN and Phone Number Spoofing App) and TextMe. Note that NumRent is the renamed and graphically modified version of the latter. Once a user installs the app, the malware modifies system information to track every activity and sends the recorded data over to hackers. This poses a great risk to users who use their Android smartphones to conduct financial transactions and important business tasks.
The NumRent app is capable of accessing the camera and can capture pictures, record audio and video, track device location, send messages and even make calls, view images in the device gallery, and manipulate other data present on the infected device. All these operations are performed in the background anonymously without the user’s notice.
How to know if your device is infected?
Since RatMilad works secretly in the background and is further disguised by a fake app, it’s difficult to know if your device is infected just by looking. However, there are some symptoms that can tell the difference between a safe and an infected device. Here are some signs to look out for:
- Your device is running slowly and apps are lagging despite having sufficient free RAM.
- Automatic modifications to the device settings and permissions.
- You see apps that you haven’t installed yourself.
- The battery life has decreased while the data consumption has increased.
- You are receiving calls and messages from unknown international numbers.
If you have noticed any of these symptoms in your Android smartphone, your device may be affected by RatMilad or other malware. Check if there is an app called NumRent installed on your device. If so, uninstall it immediately.
How to stay safe from RatMilad?
The RatMilad Android Malware is reportedly distributed through Telegram links and other third-party websites. Once a user clicks on the link, the app is downloaded. Users will limited knowledge may install the app unknowingly and the devices may get infected.
Prevention is better than cure. And, to ensure you don’t fall prey to RatMilad and other such malware, here are some precautionary tips you can always keep in mind:
- Always download apps from Google Play Store or the App Store. Never ever trust third-party websites that offer apps that promise to benefit you financially. Doing so can result in consequences like lost money and sensitive information.
- Never click on any link received via SMS, social media, or email inbox. These can lead you to malicious websites and apps, thereby again putting you at risk of malware infection.
- If by any chance, you have downloaded the app, and are now looking for a solution to remove it from your smartphone, you can download capable antivirus software like TTB Antivirus, that can help you root out infections and malicious files from your device.