Consider following on social media!
Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!
Photo by Ketut Subiyanto, please support by following @pexel.com
So many times, in life when you think you have dealt with one problem, shortly after there comes another one creeping its way around the corner hopping in your pants to make its way up the place where the sun doesn’t shine.
For many of us, this comes in the form of bills, but for most of us, this comes in the form of finding out how easily someone can obtain our sensitive information, which in most cases they don’t have to be involved at all, they can just have collection be automated while sat on the porcelain stool passing the morning coffee and last night’s meal.
Android products and Google Play Store have been a playground for threat actors to release malware in an effort to collect from their victims. As usual, we’re going over what the attack is, who is using it, the functionality and effects upon release, and what are some ways to protect yourself from having a rat run rampant on your personal device.
Photo by Andrea Piacquadio, please support by following @pexel.com
The Attack
Speaking of having a rat in your personal device. Here’s a name you’re not ready for, IRATA. Yes, that’s an actual name of malware. IRATA stands for Iranian Remote Access Trojan.
Are you trying to figure out what the last “A” stands for? Simple, since it is Android specific, it stands for “Android”. Android users, feel proud, there’s another malware targeting you…yet again.
This is a program that has spyware and information-stealing capabilities. This was discovered via a smishing attack in Iran. Smishing for those who do not know, is the dark art of contacting a person through text or another SMS (Short Message Service) to lure them into a false sense of security to give information. In this case, IRATA brings users to a fake webpage urging them to download an app and pay a fee for the service.
Unlike how companies operate by offering a service and charging you for the service and then some, you can actually choose not to pay this one, so don’t pay it.
Photo by MART PRODUCTION, please support by following @pexel.com
Who Can It Be Now
So who are the culprits employing the use of IRATA? Well, and this seems to become the norm if you’re a subscribed reader, no one has been named for using this malware.
However, its origin stems from Iran since that’s where its activity is taking place. Just be aware, that if you have a trip coming up to Iran, pray for your Android device. Regardless, still safeguard your device, traveling or not.
Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?
Sarah: Are you sure it’s a RAT and not a rat?
Tim: What’s the diff?
Photo by Tirachard Kumtanom, please support by following @pexel.com
That Sinking Feeling
Why would this be something you need to worry about? Well, since you asked, you would have to worry about IRATA scurrying away with all the information about your personal device.
This would include information like the serial number, the device ID, battery status, network type, and many other things. This is like your blind date showing up and telling you everything they know about you without you uttering a word. It’s not creepy at all.
To make IRATA even more terrifying, IRATA can hide itself by disguising its icon and tampering with the phone’s sound settings, like putting the phone on vibrate or lowering the volume. Once IRATA is in, it can collect information and replicate software to further malicious attacks like phishing.
Photo by Andrea Piacquadio, please support by following @pexel.com
The Prevention
Okay, so it’s clear that you don’t want to go on a creepy blind date where they know everything about you before you say anything, and neither do we want you to. So how would you protect yourself from something like this?
To keep this malware from two-stepping on your personal device, check the reviews of others who may have downloaded the software. Always read the permissions the application is requesting to have access to as some may request access to questionable things.
Like a camera app requesting access to cookies in the browser. It’s plausible that the camera application may have a valid reason for requesting access, however, if it raises a red flag to you then you should go with your “gut feeling”.
Do not download software from third parties as they may contain malware on par or worse than IRATA. Keep your system and anti-virus up to date and exercise caution when opening emails with attachments.
You might not be able to keep out every rat but you can at least lower your chances of falling for their traps.
Dave: You bet I do. I have anti-virus software and Scriptingthewhy.com and… that’s not what you meant by protection.
Photo by Josh Willink, please support by following @pexel.com
Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.
Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.
Do you feel like there is something I may have missed on IRATA? Script a comment below.
