Open-Source L3MON RAT Goes After Android Users
L3MON RAT is an open-source piece of malware that is meant to run on Android devices. The payload being publicly available means that any cybercriminal can compile and start using it to infect Android devices worldwide. Recently, Android antivirus products identified a new campaign aiming to spread the L3MON RAT Malware. The criminals are using fake copies of an app called 'Sathi Chat' to deliver the malicious payload. The APK installers are hosted on 3rd-party sites and services, which serve unverified apps to Android users. You should always be careful when interacting with APK files from unknown sites, since they could easily bring malicious software to your device.
What is the L3MON RAT?
Remote Access Trojans (RATs) for Android are very rich in terms of features. They enable their operators to perform all sorts of tasks on the infected device, effectively allowing them to spy on the victim continuously. The L3MON RAT, in particular, has the following capabilities:
- Download and run additional APKs.
- View installed software and running Android services.
- Fetch contacts.
- Send text messages and access the inbox.
- Explore the file system, and exfiltrate files to a remote server.
- Log notifications and clipboard data.
- Access hardware like the GPS sensor, microphone, and camera.
Needless to say, a hacker could use the L3MON RAT implant to spy on your conversations, steal your files, and much more. To protect your Android phone or tablet from the L3MON RAT, we suggest using an up-to-date anti-malware app for Android.