Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android Backdoor 'GhostCtrl' Can Silently Record Your Audio, Video and More (neowin.net)

Posted by BeauHD on from the behind-the-scenes dept.

An anonymous reader quotes a report from Neowin: A new strain of malware designed for Android devices has recently been discovered, which not only can silently record audio and video, but can also monitor texts and calls, modify files, and ultimately spawn ransomware. Dubbed as 'GhostCtrl' by researchers over at Trend Micro, the malware is apparently a variant of OmniRAT, a remote administration tool for Android, which is available to the public. It also appears to be part of a wider campaign that targeted Israeli hospitals, where a worm called RETADUP surfaced back in June. According to the report, there are three versions of the malicious software. The first variant stole information and controlled a device's functionalities, while the second added new features to exploit. The third one combines all the features of the old versions, and adds even more malicious components into its system. The latest iteration of GhostCtrl can now monitor call logs, text messages, contacts, phone numbers, location, and browsing history. Furthermore, it has the ability to record the victim's Android version, battery level, and Bluetooth information. To make make matters worse, it can now also spy on unsuspecting victims by silently recording audio and video. The malware distributes itself via illegitimate apps for WhatsApp or Pokemon GO. Trend Micro suggests you keep your Android devices up to date and data backed up regularly. They also recommend using an app reputation system that can detect suspicious and malicious apps.

3 of 69 comments (clear)

  1. Re:Walled Garden by Anonymous Coward · · Score: 2, Informative

    Apps that do what GhostCtrl does but on iPhones are rife in the app store.

    You just have to know where to look. The walled garden's cracks started showing years ago.

  2. Re:Walled Garden by Anonymous Coward · · Score: 3, Informative

    Now, what's so bad about Apple's walled garden again?

    What's bad is it isn't infallible https://www.theiphonewiki.com/wiki/Malware_for_iOS

  3. Re:Apple vs. Android by tlhIngan · · Score: 3, Informative

    I don't want a company to control what I can and can't install in my hardware.

    Apple allows sideloading of apps since at least iOS9 without requiring you to pay $99. Anything you can compile yourself, you can load onto your iPhone with Apple's blessing. There are restrictions of course, but Apple is letting you load your stuff onto your phone (and others you can physically get access to).

    The funny thing is, you'd expect an "open source app repo" to have sprung up consisting of apps and games you build and load yourself, but I haven't seen one. But yes, it's a way to get verboten apps on iPhone, and many emulators use this method - because naturally, they were open source to begin with.

    And while technically, you're not supposed to, closed-source can use the same mechanism to get onto iPhones as well - many piracy sites use the same mechanism to load pirated apps onto iPhones.