- Jun 9, 2013
- 6,720
Security researchers are warning of a new Android Remote Access Trojan (RAT) designed to target smartphones with specific IMEI numbers in China and Japan.
Samples of the RAT were analysed between December 2015 and June this year, with the malware only working on rooted devices, which are prevalent in China.
Some figures claim that up to 80% of Android smartphones in the Middle Kingdom are rooted.
However, even if a targeted device isn’t rooted, there is malware available on the cybercrime underground which will do that job, Bitdefender argued.
The security vendor has speculated that the malware could be part of an as-yet-undiscovered advanced persistent threat (APT) or similar.
The malware itself could arrive in the form of “it.cyprus.client” or “it.assistenzaumts.update,” and is loaded with functionality designed to take screenshots, listen in to phone conversations and send the information back to C&C servers in Italy.
Bitdefender warned users to only download apps from a trusted marketplace, and to install reputable AV on their handsets to protect against threats.
However, China for one is awash with third party app stores with the official Google Play Store virtually inaccessible to regular users.
This, combined with the tendency of users to root their phones, means there are ample opportunities for cyber-criminals to spread malware to devices.
In fact, the majority of Android malware victims are thought to be located in China.
Fulll Article. Italian RAT Targeting Chinese and Japanese Phones
Samples of the RAT were analysed between December 2015 and June this year, with the malware only working on rooted devices, which are prevalent in China.
Some figures claim that up to 80% of Android smartphones in the Middle Kingdom are rooted.
However, even if a targeted device isn’t rooted, there is malware available on the cybercrime underground which will do that job, Bitdefender argued.
The security vendor has speculated that the malware could be part of an as-yet-undiscovered advanced persistent threat (APT) or similar.
The malware itself could arrive in the form of “it.cyprus.client” or “it.assistenzaumts.update,” and is loaded with functionality designed to take screenshots, listen in to phone conversations and send the information back to C&C servers in Italy.
Bitdefender warned users to only download apps from a trusted marketplace, and to install reputable AV on their handsets to protect against threats.
However, China for one is awash with third party app stores with the official Google Play Store virtually inaccessible to regular users.
This, combined with the tendency of users to root their phones, means there are ample opportunities for cyber-criminals to spread malware to devices.
In fact, the majority of Android malware victims are thought to be located in China.
Fulll Article. Italian RAT Targeting Chinese and Japanese Phones
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
