Ransomware

Beware: New Viper RAT Targets Android Phones

A multi-grabber for credentials, emails, 2FA codes, wallets, and keys is one of the features that are offered, along with keylogging capabilities.

by Ashish Khaitan June 4th, 2024

Share on LinkedInShare on Twitter

Dark web actors are advertising a new Android Remote Trojan called Viper RAT that targets Android devices. The threat actor, which goes by the same name, has asserted that this malicious tool has a plethora of capabilities.

On May 31, 2024, information about the advertising of a brand-new Android Remote Trojan Access (RAT) called “VIPER RAT” on the CrackingX and OnniForums forums became public. According to the post, the Viper RAT can be rented for a mere $499 with capacities of targeting and penetrating devices based on Android operating systems.

Android Remote Trojan Viper RAT Advertised on Dark Web Forums

A multi-grabber for credentials, emails, 2FA codes, wallets, and keys is one of the features that are offered, along with keylogging capabilities. Additionally, this Android Remote Trojan Viper RAT offers more than 600 word-wide injections, phone unlocking, VNC control, and audio and video recording capabilities to aid with phishing redirection.

To add a degree of credibility, the threat actor provides a dedicated website, viperrat[.]com (domain registered on May 17, 2024), and a Telegram account for orders. The unnervingly low cost of the Viper RAT suggests that its release was motivated by malevolence. The efficacy of this device is demonstrated by the two demonstration videos that the threat actor has uploaded on the main website.

The Viper RAT has previously made an appearance in the world of cybercrime. The author made the initial introduction to CrackingX on May 8, 2024, and updated the features on May 31, 2024. The threat actor’s overt endorsement of the Viper RAT highlights how serious the risks are for Android users everywhere.

Advanced Features, Capabilities, and Pricing

The threat actor’s pitch on underground forums paints a grim picture of the Viper RAT’s capabilities. Promising “Viper Android Rat Hidden Screen Control Unlock Phone | Grab VE 2FA ★Crypto,” the actor markets it as the “Best Android Remote Control,” with a reminder that “The only secure phone is that powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.”

The pricing tiers begin at $499, and customized versions can be ordered. The threat actor highlights that installation support is given without charge, but there are no trial offers. Only cryptocurrency can be used as a form of payment, further obscuring illegal activities.

Among the features listed by the threat actor, Viper RAT has a set of other factions that are specifically designed to target Android devices regardless of what hardware they are using. To shed light on some of its features, the Android RAT can achieve live keylogging and phishing redirection to multi-grabber features and seamless screen control.

The Viper RAT also offers many more features, such as smooth hidden VNC control, screen capture, unlocking pin and pattern, controller support for APKs up to version 14, and much more. Due to these features, the threat actor has unparalleled access to personal information, enabling them to act destructively and surreptitiously.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button