WolfRAT

The WolfRAT (Remote Access Trojan) hacking tool is a threat created by a company named Wolf Research. This company originates from Germany, and it is in the business of creating monitoring tools for various foreign organizations and even governments. According to experts, the Wolf Research organization has ceased its activity, and some of the developers involved in this operation have now set up a new group called LokD. Since the WolfRAT was developed by experts in the field of spyware, one would expect this threat to be very high-tier. However, this is not the case. Malware researchers have spotted portions of unusable code, as well as certain modules, which were plagiarized from freely available hacking tools online, like the Dendroid RAT.

Despite the fact that the WolfRAT is by no means a state-of-the-art hacking tool, it is still very functional and capable of causing a lot of damage to its targets. In one of the recent campaigns involving the WolfRAT, most of the affected users were located in the region of Thailand. In this latest campaign, the attackers only used a small portion of the features of the WolfRAT. The goal of this campaign was to collect information from targeted users. It would appear that the WolfRAT was propagated via text messages, fake social media profiles, bogus downloads, etc. This threat targets Android devices and masks itself as a genuine process that is linked to the activity of Adobe Flash Player or Google Play. When the WolfRAT compromises the targeted Android device, it will execute periodical checks that serve to determine what is the currently active application used by the victim. If the targeted user launches WhatsApp, Facebook Messenger or Line, and WolfRAT detects that the user has launched one of the mentioned instant messaging applications, it will begin taking screenshots of the victim’s screen. This would allow the operators of the WolfRAT to get their hands on sensitive, personal information about the victim.

Users often underestimate how important mobile security is, but the WolfRAT comes to show us that shady cybercriminals can tap into our private conversations and use them for blackmail, credential theft, etc. easily. It is advisable to install a reputable Android anti-virus application on your mobile device to protect it from threats like the WolfRAT.