Security News xRAT Mobile Malware Emerges

[silversurfer]

A recently discovered mobile remote access Trojan includes extensive data collection capabilities and is associated with known mobile and Windows-targeting threats, Lookout security researchers warn.

Dubbed xRAT, the malware appears to have evolved from the high-profile Xsser / mRAT malware that made headlines in late 2014. The newly discovered mobile threat features code structure almost identical to that of the mRAT family of malware, uses the same decryption key and certain heuristics and naming conventions that suggest the same actor has developed both of them.

Furthermore, the command and control (C&C) servers for the new mobile threat are also linked to Windows malware, suggesting that an experienced crime group is operating it. Earlier this year, security researchers discovered a free and open source remote access tool (RAT) named QuasarRAT that has evolved from the xRAT Windows malware

Full article: xRAT Mobile Malware Emerges | SecurityWeek.Com

 

[tim one]

The acquisition of root privileges gives to this malware almost unlimited possibilities, and these types of threats are using various vulnerabilities, usually already corrected in more recent versions of Android. Unfortunately, the devices of many users (like me) are not updated and a similar circumstance, of course, makes them vulnerable.
I think that in the case of old Android versions would be more effective a constant vulnerabilities fix, rather than an antivirus, that this malware seems to bypass.

The malware in question also installs its modules in the system directory; this makes particularly difficult its removal.