CIP Cyber

Log In
Menu
Log In
  • Opinion
  • Product Reviews
  • Industrial Cybersecurity
  • Videos

3 Tools to Aware Of That Exploit Android Security Vulnerability

Table of Contents

P { margin-bottom: 0.08in; direction: ltr; color: rgb(0, 0, 0); text-align: left; }P.western { font-family: “Times New Roman”,serif; font-size: 12pt; }P.cjk { font-family: “SimSun”,”??”; font-size: 12pt; }P.ctl { font-family: “Mangal”,serif; font-size: 12pt; }A:link { color: rgb(0, 0, 255); }

Android
is slowly becoming a popular target for hackers and other
cyber-criminals world wide. Malware developers are now exploiting the
security vulnerabilities found in Android with specific tools that
can be modified to “trojanize” any legitimate app. Many of these
tools are remote administration tools or RATs that allow the attacker
to remotely control the device remotely with a user friendly
interface.




AndroRat



AndroRat
is a free and open source remote administration tool designed for
Android. This tool allows the attacker to control a wide variety of
features within the infected smartphone. Some of the AndroRat’s
innovative features include the ability to make phone calls, send
messages from the infected phone, access the GPS coordinated of the
phone, activate the microphone, access stored data and much more.






AndroRat
APK Binder



AndroRat
APK Binder is a malware tool that allows you to bind AndroRat
directly to an app. The APK Binder is currently being sold at about
$37 through various underground forums. The tool AndroRat is
available in the APK format and when combined with the APK builder
will allow any user with minimum expertise to infect a legitimate app
and trojanize it. When a user installs the trojanized app, they also
install AndroRat unknowingly. The attacker can now access the
infected phone remotely and use it for their benefit.






Adwind



On
similar lines as the AndroRat, a Java based RAT that has been named
as Adwind is also making rounds on the Internet. This tool can be
used in multiple OSes as it is a Java based tool. This tool too can
assume control of an infected device remotely. However, it is not yet
known if the tool has been bound to any of the legitimate APKs.






Cases
of infection



So
far, there have been over 20 cases of legitimate apps being infected
by AndroRat. In addition to this, over a few hundred cases of
infected devices have already been reported world wide with a
majority of the infections talking place in Turkey and the U.S. The
number of infections is also on the rise and is bound to continue as
the malware tool gets refined with new features and options. The open
source nature of the tool has made it gain quick popularity. As a
result, the tool may also evolve and grow to become a greater threat
than it already is.

About the Author

P { margin-bottom: 0.08in; direction: ltr; color: rgb(0, 0, 0); widows: 2; orphans: 2; }P.western { font-family: “Times New Roman”,serif; font-size: 12pt; }P.cjk { font-family: “Times New Roman”,serif; font-size: 12pt; }P.ctl { font-family: “Times New Roman”,serif; font-size: 12pt; }A:link { color: rgb(0, 0, 255); }

Seth Williams has been writing with Firebox Training, since
July, 2011. He writes on many topics across IT programming, Firebox Oracle ADF training and developments in the industry.
Through spreading wisdom across forums and tech blogs, Seth has
realized an open source approach to training professionals across the
globe is the way to go.


Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Opinion

Password Cyberattack: Everything You Need to Know

November 7, 2023

Industrial Cybersecurity

Cybersecurity Awareness Month: Spotlight on ICS/OT Security

September 28, 2023

Opinion

How to Protect IoT Devices in Critical Infrastructure Networks

September 15, 2023

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training

Related Articles

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training