Cyber security experts at Kaspersky have identified an Android spyware, which was inserted into a Indian user’s travel application.
GravityRAT, a spying Remote Access Trojan (RAT), is behind the intrusion, claims the expert team.
“In addition to targeting Windows Operating Systems, it can now be used on Android and Mac OS. The campaign is still active,” Kaspersky said.
Overall, more than 10 versions of GravityRAT were found, being distributed under the guise of legitimate applications, such as secure file sharing applications that would help protect users’ devices from encrypting Trojans, or media players.
These modules, used together, enabled the group to tap into Windows OS, Mac OS, and Android, the cyber security solutions firm said.
“The modules can retrieve device data, contact lists, email addresses, call logs, and SMS messages.
Some of the Trojans were also searching for files with extensions such as .jpg, .jpeg, .log, .png, .txt, .pdf, etc., in a device's memory to also send the data back to the attackers.
“Our investigation indicated that the actor behind GravityRAT is continuing to invest in its spying capacities. We can expect more incidents with this malware in the Asia-Pacific region,” Tatyana Shishkova, a security expert at Kaspersky, has said.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.