Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware


Sep 19, 2023 | THN | Mobile Security / Malware


The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT mobile remote access trojan (RAT), demonstrating the continued evolution of the activity.

"CapraRAT is a highly invasive tool that gives the attacker control over much of the data on the Android devices that it infects," SentinelOne security researcher Alex Delamotte said in a Monday analysis.

Transparent Tribe, also known as APT36, is known to target Indian entities for intelligence-gathering purposes, relying on an arsenal of tools capable of infiltrating Windows, Linux, and Android systems.


A crucial component of its toolset is CapraRAT, which has been propagated in the form of trojanized secure messaging and calling apps branded as MeetsApp and MeetUp. These weaponized apps are distributed using social engineering lures.

The latest set of Android package (APK) files discovered by SentinelOne are engineered to masquerade as YouTube, one of which reaches out to a YouTube channel belonging to "Piya Sharma."

The app is named after its namesake, indicating that the adversary is using romance-based phishing techniques to entice targets into installing the applications. The list of apps is as follows:

  • com.videos.watchs.share

Once installed, the apps request intrusive permissions that allow the malware to harvest a wide range of sensitive data and exfiltrate it to an actor-controlled server. CapraRAT is also capable of initiating phone calls as well as intercepting and blocking incoming SMS messages.
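The masquerade described above can be checked for on managed devices. The following is an added example, not code from SentinelOne's analysis or from the original article: it triages `aapt dump badging` output and flags an app whose label claims to be YouTube while its package name and permissions say otherwise. The official package name, the high-risk permission set, and the sample manifest text are assumptions made for illustration.

```python
import re

# Assumption: the genuine YouTube app uses this package name.
OFFICIAL_YOUTUBE_PACKAGE = "com.google.android.youtube"

# Assumption: permissions picked to match the capabilities the article names
# (placing calls, intercepting SMS) plus common data-harvesting ones.
HIGH_RISK = {
    "android.permission.CALL_PHONE",
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.SEND_SMS",
    "android.permission.RECORD_AUDIO",
    "android.permission.READ_CONTACTS",
    "android.permission.ACCESS_FINE_LOCATION",
}

def parse_badging(text):
    """Return (package, label, permissions) from `aapt dump badging` output."""
    pkg = re.search(r"^package: name='([^']+)'", text, re.M)
    label = re.search(r"^application-label:'([^']*)'", text, re.M)
    # Accept both the older and newer uses-permission line formats.
    perms = set(re.findall(r"^uses-permission:(?: name=)?'([^']+)'", text, re.M))
    return (pkg.group(1) if pkg else None, label.group(1) if label else "", perms)

def triage(text):
    """Return findings for one app; an empty list means nothing was flagged."""
    package, label, perms = parse_badging(text)
    if "youtube" not in label.lower() or package == OFFICIAL_YOUTUBE_PACKAGE:
        return []
    findings = [f"label '{label}' but package is {package}"]
    risky = sorted(perms & HIGH_RISK)
    if risky:
        findings.append("high-risk permissions: " + ", ".join(risky))
    return findings

# Constructed sample: only the package name comes from the article; the
# label and permission lines are made up for this example.
SAMPLE = """package: name='com.videos.watchs.share' versionCode='1' versionName='1.0'
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.READ_SMS'
uses-permission: name='android.permission.CALL_PHONE'
application-label:'YouTube'
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

Other legitimate apps whose label contains "YouTube" would also be flagged, so extend the allowlist before running this over a real device inventory.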

"Transparent Tribe is a perennial actor with reliable habits," Delamotte said. "The relatively low operational security bar enables swift identification of their tools. Individuals and organizations connected to diplomatic, military, or activist matters in the India and Pakistan regions should evaluate defense against this actor and threat."
