CapraRat Spyware Targeting Gamers & TikTok Users Via Malicious Android Apps

A new report from SentinelLabs, the research division of cybersecurity company SentinelOne Inc., recently revealed the revival of the CapraRAT spyware. The Android CapraRAT Spyware is reportedly targeting mobile gamers and TikTok users through malicious Android apps.

For all those unfamiliar, CapraRAT is an Android remote-access trojan. It is used by a Pakistan-linked threat group known as Transparent Tribe (APT36), which emerged around 2018. Historically, the malware has been deployed for surveillance purposes. The major target of this malware was the Indian government, military personnel as well as human rights activists. Initially, CapraRAT was spread via fake dating apps and social engineering tactics. Over time, Transparent Tribe extended its tactics to include fake YouTube apps, using these to conduct extensive data harvesting and surveillance on compromised devices.

SentinelLabs Uncovers Four New Android CapraRAT Spyware Kits

In a recent development, SentinelLabs discovered four new CapraRAT Android Package Kits (APKs) — Crazy Game, Sexy Videos, TikToks, and Weapons. These kits continue entrenching spyware within video browsing apps. These new APKs target mobile gamers, weapons enthusiasts, and TikTok fans, aiming to collect private data and monitor user activities.

The CapraRAT APKs operate by implanting spyware within video browsing apps. They use WebView to launch URLs that appear legitimate, such as YouTube or CrazyGames.com. These vicious apps ask for extensive permissions, including access to GPS location and contacts, and the ability to record audio and video, allowing the spyware to collect and exfiltrate susceptible data from the victim’s gadget.

According to SentinelLabs, these APKs follow Transparent Tribe’s practice of using social engineering to deliver spyware. However, these APKs now come with minor updates to assure compatibility with newer Android versions and to target a broader audience.

To avoid CapraRAT and other malware downloads, users are suggested to be cautious while downloading apps from unofficial sources. Moreover, they should carefully review the permissions requested by any app. Downloading apps from trusted sources, such as the Google Play Store, can help reduce the risk of installing such hostile software.

PTA Taxes Portal

Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal

Explore NowFollow us on Google News!

Laiba Mohsin

Laiba is an Electrical Engineer seeking a placement to gain hands-on experience in relevant areas of telecommunications. She likes to write about tech and gadgets. She loves shopping, traveling and exploring things.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Get Alerts!

PhoneWorld Logo

Join the groups below to get the latest updates!

💼PTA Tax Updates
💬WhatsApp Channel

>