Credit: Edgar Cervantes / Android Authority
- Cybercriminals are using malware called Rafel RAT to attack outdated Android devices.
- Rafel RAT is distributed through malicious APK files disguised as legitimate apps.
- To stay protected, download apps only from the Google Play Store, scan them with Google’s Play Protect, and keep your Android OS updated to the latest version.
Cybercriminals and cyber espionage groups have been targeting outdated Android devices with Rafel RAT — an open-source malware — to steal data and carry out ransomware attacks. Researchers from cyber security company Check Point identified over 120 campaigns that used this malware to target Android devices.
The company also conducted a victim analysis, which indicated that targeted users were primarily based in the United States, Indonesia, and China. In terms of the devices used by the victims, the majority had Samsung smartphones. Other affected brands included Xiaomi, Vivo, and Huawei.