The criminals behind GravityRAT spyware have rolled out new macOS and Android variants for the first time.
The GravityRAT remote access trojan has been around since at least 2015, according to researchers from Kaspersky, but it has mainly focused on Windows operating systems. The last piece of major development
news came in 2018, when developers behind the malware made key changes to the RAT’s code in an attempt to decrease antivirus detection.
Recently though, Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the the malware. “Further investigation confirmed that the group behind the [GravityRAT] malware had invested effort into making it into a multiplatform tool…the campaign is still active,” according research
published on Monday.
The malware is capable of retrieving device data, contact lists, email addresses, call logs and SMS messages and can exfiltrate various types of documents and files.
threatpost.com
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
