OmniRAT Allows Cyber Criminals to Hack Mac, Linux, Windows PC and Android Phones

At HackRead, we have been reporting on the dangers of Remote Access Trojans (RATs), which sit behind your OS, record your sessions and send them to the attacker.

One report that shocked readers was about the Canadian couple whose laptop camera was hacked with the help of a RAT and used to record everything they did in their room.

Now OmniRAT is a new threat to users, as hackers have found a new way into their devices. Whether you are using a Mac, Windows or Android operating system, you are under threat.

RAT stands for Remote Access Trojan, and OmniRAT is the latest in this family of malware developed by hackers. Hackers have already created DroidJack, AndroRAT, DarkComet and njRAT. Now they have unveiled OmniRAT, which according to the hackers can steal data and spy on or control the user’s phone.

When OmniRAT was analyzed to see how it gets into a system, it was found that it reaches devices through a client component that starts communicating with a server counterpart, which allows hackers to make the phone do what they want.

What’s even more surprising about this RAT is that it is offered at a far cheaper price than earlier RATs. Currently, it is sold for between $25 and $50.

Screenshot shows how OmniRAT-infected app asks for installation (Image Source: Avast)
Here are the permissions the infected app asks for (Image Source: Avast)

These tools are not illegal in themselves, because programmers use them for testing, but if they are used for a malicious purpose they are deemed illegal. This means these RATs can easily be bought by anyone, which is the most attractive aspect for hackers.

In August, Avast found OmniRAT in action when they analyzed an unusual SMS campaign in which victims were sent an SMS saying that they had received an MMS, but that it could not be sent due to the Stagefright vulnerability.

So, in order to view the MMS, the victim is asked to follow a Bitly link, which leads to the download of an APK file. If alarm bells have still not rung in the user’s head, the user downloads the file, but before downloading, it asks for all the permissions it needs to get into the phone (most users never pay attention to the permissions apps ask for, and pay the price).

Once installed, it says “Successfully modified” and an icon named “MMS retrieve” appears on the home screen of the phone. By this time the user has granted access to the phone and the hackers are in control.

Here again, there is only one recommendation: be very careful when downloading any files from URLs that belong to third parties, and always keep your anti-virus updated so that you get a warning from it.

Source: Avast

Carolina

Carolina works for HackRead as a technical writer. She is a Brazilian traveller who has been to almost every country around the world. She has a keen interest in technology, gadgets and social media.