A new mobile remote access trojan (RAT) dubbed Rogue can infect Android devices, take control of them, and steal user data, warned Check Point researchers. To hide from users, Rogue exploits Google's Firebase platform to appear as a legitimate Google service.
More from Check Point:
- Triangulum and HeXaGon Dev worked together to develop the mobile RAT.
- After gaining required permissions, Rogue hides its icon to prevent the victim from deleting it.
- Rogue is able to register as a device administrator.
- The malware exploits the following Google services: Cloud Messaging to receive commands, Realtime Database to upload device data, and Cloud Firestorm to upload files.