Home Malware Programs Remote Administration Tools SpyMax RAT

SpyMax RAT

Posted: March 20, 2020

The SpyMax RAT is a Remote Access Trojan that lets attackers control your Android device through its interface. While it's freely available on the ark Web, an early 2020 campaign is exploiting the Coronavirus epidemic for installing the RAT through fake disease-monitoring services. Users can protect their phones with safe browsing behavior and letting anti-malware products manage to detect and delete the SpyMax RAT as soon as possible.

Taking Max Advantage of a Global Disease

The SpyMax RAT is one of innumerable Remote Access Trojans that, after being cracked, is available to effectively any would-be hacker without any charges. Its set of features may not hold many surprises for readers familiar with what RATs can do, but a new campaign is wielding the program in ways that are highly relevant to current health emergencies. This 'freeware' Trojan is getting a new life, thanks, unfortunately, to the Coronavirus, AKA COVID-19.

The Remote Access Trojan lets an attacker administrate over compromised Android devices (or smartphones) with an interface that boasts of management features for cameras, SMS messaging, and files, along with access to applications, the mic, and the shell terminal. Using a user-friendly menu, attackers could collect information, drop other threats, or change essential security settings. Although the SpyMax RAT was premium previously, leaks turned it into a 'public domain' Trojan.

The SpyMax RAT is rising in relevance lately due to a long-running Android-infiltration campaign that uses various backdoor Trojans and RATs. Current attacks are installing a version of the SpyMax RAT – by pretending that the download is a 'Corona Live' tracking application for the Coronavirus epidemic. Its design uses a legitimate application as its visual basis, collected from the John Hopkins Coronavirus Research Center.

Calling Doctor for an Ill Phone

The skyrocketing numbers of Coronavirus tactics involve more than just the SpyMax RAT. The CovidLock Ransomware, tools of the Vicious Panda, and the CoronaVirus Ransomware are three current examples. Further campaigns using similar strategies are likely to become a persistent part of the threat landscape for months, if not years, to come.

Users also should remember that the SpyMax RAT is distributable by, effectively, any random criminal. New attacks seeking for installing the Trojan may use entirely separate exploits from the ones of note at this time. Additionally, malware experts warn that the SpyMax RAT's fake application is circulating by unknown channels. However, they confirm that the Google Play Store isn't a factor (unlike, for instance, the Haken Trojan clicker's campaign).

Android-compatible anti-malware tools can assist with removing variants of the SpyMax RAT, whether they're arriving as part of application bundles, or by other methods. Until that time, users should presume that attackers have total control over the internet-accessible phone.

The SpyMax RAT's Coronavirus exploits could be ventures supporting a surprisingly Africa-focused series of attacks, particularly, concerning Libyan residents. Whether it's a disease tracker, a mobile phone lookup application, or a media player, there's no good to come of trusting an executable application without guaranteeing its identity first.

Loading...