Wednesday , September 18 2019
Home / Business / Android music player app RB music uses spyware to steal sensitive information

Android music player app RB music uses spyware to steal sensitive information

Chennai, August ,2019: SonicWall Capture Labs raised an alert on an Android music streaming app that reuses software code from a relatively older malware program called Ahmyth RAT to steal sensitive data from the device. A Remote Access Trojan (RAT) enters a device through diversion applications, freeware or email connections. Once the user runs the executable records unconsciously, this RAT introduces itself in the framework memory and hacks the application.

The streaming Android music player app that goes by the name RB music was found to contain spyware related components of the said Ahmyth RAT that allows it to steal sensitive information from the infected device. While the original intention was to give the victims a fully working streaming music player to evade suspicion and steal sensitive information in the background, upon starting the app though, a number of features like online music streaming were not functioning as desired, which actually gave way to the finding. Once the device is infected, the attacker can command the RAT to perform a number of functions including but not limited to viewing call logs, viewing & Sending SMS, veining contacts, files & GPS location of the device

Commenting on this development Debasish Mukherjee, Country Manager India & SAARC, SonicWALL said, It is a common practice to reuse software codes to enhance efficiency in the software development cycle and is followed by many developers, including malware developers. It is not uncommon to see malware writers reuse parts of code from other malware families or malware that were active in the past said. This threat showcases how malware writers reuse code from other malware samples and package legitimate applications with malicious code.

A lot of times malicious applications do not contain usable code and once executed these apps simply do not do anything. But sometimes malware writers’ package legitimate or working apps with malicious components. In such cases if the victim is not vigilant, he may never suspect that his device is already infected with malware. Here is where SonicWall Capture Labs provides protection against this threat with a customised signature – AndroidOS.Ahmyth.RB

About Admin

Check Also

Speaker for the day- Mr Satyan Chandra Mogan From 17th September.

The Rotary Club of Madras invites you to an interesting talk by Mr Satyan Chandramogan tomorrow …

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.