Android users in India are being targeted by DogeRAT, malware that gains unauthorised access to sensitive data, including contacts, messages, and banking credentials, according to a government security advisory.
This comes at a time when multiple government bodies, including sensitive defence units, have been targeted by cybercriminal groups seeking to steal sensitive information.
According to the advisory accessed by Moneycontrol, the malware was being circulated by a cybercriminal group over Telegram under the guise of legitimate applications such as ChatGPT, the Opera Mini browser, premium versions of YouTube, and other popular apps and websites.
"Once installed on a victim's device, the malware gains unauthorised access to sensitive data including contacts, messages and banking credentials," the advisory read.
Alarmingly, DogeRAT can also take control of the device, enabling it to send malicious spam messages, make unauthorised payments, modify files, and even take photos remotely using the device's cameras.
"The malware is capable of tracking device location, recording microphone, retrieving contact list, accessing call, SMS, clipboard and notification logs… and executing additional commands from C2 server," it added.
The advisory urged users to not install apps from unknown third-party app stores. Instead, they should stick to app stores that are provided by Google, Apple, or Windows. Additionally, the body urged users to never click on emails sent from unknown senders.
In view of these guidelines, the advisory asked government employees to ensure compliance and to disseminate the guidelines to other sections.
The concerns about DogeRAT were first raised by Indian cybersecurity startup CloudSEK, which said that the malware was targeting a large customer base across multiple industries, especially banking and entertainment. "Although the majority of this campaign targeted users in India, it is intended to have a global reach," the cybersecurity startup said.
Recently, Indian users, including those in the government, have been targeted by cyber attackers. The government aired a similar warning regarding a "new wave of cyber attack campaign" where China-based threat actors were allegedly targeting government bodies, such as the Unique Identification Authority of India (UIDAI) and the All India Institute of Medical Sciences (AIIMS).
Another government body also released a warning about a cyber-attack campaign in which officials have been receiving malware-laden emails disguised as recommendations on how to prevent honey trapping.