“Rafel RAT” Is Malware That Hides Behind APK Files



An APK is an Android application installation file used for sideloading apps onto a device. Some are official releases provided by the developers, but more dangerous ones circulate on the web. Most recently, security firm Check Point Solutions discovered a new malicious application, dubbed the Rafel RAT, hiding behind an unofficial APK file.



Check Point discovered 120 campaigns using the Rafel RAT to attack Android devices. The malicious APK file is said to be spread through social media applications. It masquerades as an app that users already trust in order to trick them into installing a new version. According to the report, many victims were using Samsung, Xiaomi, vivo and Huawei devices.



Rafel RAT mostly attacks older devices: those still running Android 11 are hit the most, followed by Android 8.0 and Android 5.0 devices. During installation, the malicious APK asks the user to grant suspicious permissions. Through these permissions, the screen lock can be activated remotely, all passwords can be broken, all encrypted files can be decrypted, and a demand for payment to get the files back can be delivered through the Telegram application.



The largest numbers of Rafel RAT attack cases are in the United States, Indonesia and China. No case has been reported in Malaysia, but that does not mean the threat is not dangerous or not important. For now, the safest step is to download and update only applications that you already trust, through authentic sources such as the Google Play Store, which always detects and scans for dangerous applications on Android devices.
