This malicious malware now also threatens Mac and Android users

• The comparison
• Tutorials
• This malicious malware now also threatens Mac and Android users

A new strain of GravityRAT malware, previously believed to only affect Windows machines, has crossed over to infect Android and macOS devices. The Remote Access Trojan has been traced to Pakistani hacker groups and used to attack the Indian military services. The malware exploit has been active for at least 2015, but it wasn't until a few years ago that it started targeting Android devices. It is now clear that GravityRAT, of which there are more than 10 different versions in circulation, can also affect products running a Mac operating system. “Our investigation indicated that the actor behind GravityRAT continues to invest in its spying capabilities,” Tatyana said. Shishkova, a security expert at Kaspersky. “Cunning disguise and an expanded operating system portfolio not only allow us to say that we can expect more incidents with this malware in the region, but also supports the broader trend that malicious users are not necessarily focused on developing new malware, but rather in developing proven malware, with the goal of achieving maximum success.

A rat trap

A Kaspersky analysis of an Android travel app targeting the Indian market revealed that it contained a malicious module based on the GravityRAT malware. The module was capable of stealing user data, including email addresses, SMS messages, call logs, contact lists, and documents. Threat actors now also include digital signatures on these malicious apps to make them look legitimate. In some cases, the apps are designed to look like genuine software clones. Between 2015 and 2018, around 100 successful exploits were performed using the GravityRAT malware, and many public sector employees were tricked into downloading the Trojan under the pretext that they were installing a secure email platform. . Through a computer that sounds