A new mobile Remote Access Trojan (RAT) named CallerSpy is targeting Android devices, according to information from TrendMicro. CallerSpy collects personal information such as call logs, SMS text messages, contacts, and files on the device through the use of Evernote’s Android-Job. This library is used to schedule jobs, which will run concurrently in the background. Additionally, this RAT has the ability to receive commands from its Command and Control (C2) server in order to take screenshots, record the environment, upload data, and update the RAT configuration. The malware distribution site gooogle[.]press mimics Google in order to trick users into downloading the app.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.