"Android Users Warned of Rising Malware Threat From Rafel RAT"

"Rafel" is an open-source Android RAT used by multiple threat actors, including an espionage group. According to an earlier Check Point Research (CPR) report, Rafel had already been linked to the "APT-C-35/DoNot Team." CPR highlighted the RAT's remote access, surveillance, data exfiltration, and persistence capabilities. By collecting malware samples and analyzing around 120 Command-and-Control (C2) servers, CPR identified the US, China, and Indonesia as the most impacted countries. Most of the infected devices were Samsung phones, followed by Xiaomi, Vivo, and Huawei. This article continues to discuss findings regarding the Rafel RAT.

Infosecurity Magazine reports "Android Users Warned of Rising Malware Threat From Rafel RAT"

Submitted by grigby1
