Hackers using Android OmniRAT malware to attack Isis supporters on Telegram
Isis members are reportedly warning others of the malware which can spy on its victims.
Islamic State (Isis) members and supporters are reportedly being targeted by unknown hackers using the Android OmniRAT malware. The hackers are allegedly distributing a modified build of the Telegram app for Android, dubbed plus_gram.apk, which contains the OmniRAT malware, to infect IS (Daesh) supporters.
An unnamed security researcher reportedly uncovered posts on underground Isis forums which detail the new malware threat. OmniRAT is among the few malware strains capable of targeting Android, Mac, Windows and Linux systems and is also commercially available online.
According to a report by Bleeping Computer, a security researcher who goes by the Twitter handle FourOctets discovered the OmniRAT malware after analysing the malicious plus_gram.apk app. According to both the anonymous security researcher and FourOctets, the hacker or hackers behind the fake app appear to have little to no expertise in working with malware.
"They didn't even try to hide what it was," FourOctets said. "[OmniRAT] It's still in the XML file."
"I'm thinking it's just old code repacked for Android, using a common vector," the anonymous researcher said. He described the individual who put together the malware as "an amateur/hobbyist."
This particular version of the OmniRAT Trojan is reportedly capable of spying on infected victims. The malware can retrieve SMS messages and phone logs, gain access to victims' GPS coordinates, surreptitiously install apps, access the device's microphone and camera as well as dump the entire device's memory, among other things.
Members of the extremist group appear to be aware of the threat and are allegedly warning others of the malware.
Isis has taken to warning journalists, government spies and Anonymous hackers to stop monitoring and reporting their Telegram channels, according to New York Times correspondent Rukmini Callimachi, who took to Twitter to post a screenshot of the warning.
The message reads: "We are not dumb nor stupid not to know that you are monitoring our Channels.
"Reporting our Channels to be Disabled will only make you 'Die in Rage' because You cant stop the 'Rise of the islamic state' World Wide."
© Copyright IBTimes 2024. All rights reserved.