Mobile Tech

The GhostCtrl Android malware can silently record your audio and steal sensitive data

Another malware has been discovered, the malware has the ability to silently record audio and video, but can also monitor texts and calls, modify files, and silently inject ransomware into the mobile system.
GhostCtrl as nicknamed by Trend Micro researchers, the malware has similarities with OmniRAT, a remote administration tool for Android, which is open to the public.
Recall that in June, a worm called RETADUP came into the limelight, when the Isreali hospitals were targeted.
According to the report, there are three versions of the malicious software.
The first variant stole information and controlled a device’s functionalities, while the second added new features to exploit. The third one combines all the features of the old versions and adds even more malicious components into its system.
At an advanced stage, GhostCtrl has the ability to monitor call logs, text messages, contacts, phone numbers, location, and browsing history. It goes further into the mobile phone settings and monitor and records the victim’s Android version, battery level, and Bluetooth information. To make matters worse, it can now also spy on unsuspecting victims by silently recording audio and video.
The malware spread through a legal application such as WhatsApp or Pokemon GO. After the APK file has been installed on a victim’s device, a process called ‘com.android.engine,’ a backdoor function of the malware to mislead the user into thinking that it is a safe component of the system is also loaded.
After the installation has been carried out the next process contacts the malware’s Command & Control (C&C) server, which will then give it instructions on what to record or steal from the victim.
Finally, GhostCtrl can become mobile ransomware ineptly.
It could lock the screen, reset a password and root the device, during this process t can steal more data and information from the phone and send to the C&C server.
Trend Micro suggests that Android devices should regularly be kept updated, and that data should be backed up regularly. They also recommend using an app reputation system that can detect suspicious and malicious apps.

Source: Neowin

To Top