7/3/2023 0 Comments Com whatsapp downloadThe malicious apps also provide legitimate chat functionality based on the open-source OMEMO Instant Messenger app.įigure 6. Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and receive commands to delete files. BingeChat is distributed through a website advertising free messaging services. Most likely active since August 2022, the BingeChat campaign is still ongoing however, the campaign using Chatico is no longer active. The actor behind GravityRAT remains unknown we track the group internally as SpaceCobra. Windows, Android, and macOS versions are available, as previously documented by Cisco Talos, Kaspersky, and Cyble. GravityRAT is a remote access tool known to be used since at least 2015 and previously used in targeted attacks against India. ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete filesĮSET researchers have identified an updated version of Android GravityRAT spyware being distributed as the messaging apps BingeChat and Chatico.
0 Comments
Leave a Reply. |