The warning about DogeRAT was published on the Patong Police Facebook page last Sunday (June 25), along with several other alerts regarding cybersecurity, as noted by Novosti Phuketa, The Phuket News’ sister newspaper in the Russian language.
In their warning, Patong Police refer to a notice by the Cyber Crime Investigation Bureau (CCIB), which, in turn, cites a report by CloudSEK, a renowned cyber security company based in Bengaluru and Singapore.
“Cyber police alerts – it is here again! DogeRAT is new malware that threatens Android devices. The malware is disguised as a legitimate app and is distributed through advertisements inviting people to download those fake apps. When accidentally installed, it gains access to the user’s personal and financial information, as well as takes control over the mobile phone where it has been installed,” CCIB warned.
CCIB provides the following list of seven disguises used by DogeRAT, as identified by CloudSEK investigators:
- Opera Mini - fast web browser
- Android VulnScan
- YouTube Premium
- Netflix Premium
- ChatGPT
- Lite 1 [Facebook]
- Instagram Pro
The malware can be used to steal sensitive information from the victim’s device and perform various malicious actions, such as sending spam messages, making unauthorized payments, modifying files, and taking photos via both the front and rear cameras of the infected device.
Screenshots from the CloudSEK report show the fake YouTube Premium app requesting permission to take photos and videos, read and send messages, access incoming notifications, and record audio.
To further increase the threat, the developers of DogeRAT do not reserve the app for their own unlawful use but offer it to other individuals as a MaaS (malware as a service), providing the tool for hacking attacks to those who lack programming skills to develop their own.
The open-source version of the malware is hosted on GitHub, while a more persistent premium version of DogeRAT is promoted by the developer via social media.
“Although the majority of this campaign [DogeRAT malware campaign] targeted users in India, it is intended to have a global reach,” CloudSEK warns.
The following basic recommendations are suggested to users to protect their devices:
- Never click open untrustworthy attachments or links. If you receive a link or attachment from someone you don’t know, ignore it.
- Always keep your device’s firmware and other software up to date.
- Use a good cybersecurity solution to protect your device from cyber threats.
- Be aware of the most common signs of scams. Remember that scammers often try to use human feelings such as fear, greed, and urgency to trick victims.
- Educate yourself about new malware and scams to be able to spot and protect yourself from them.