Ready to Start Your Career?
October 31, 2018
"I smell a rat!" - AhMyth, not a Myth
October 31, 2018
Remote access trojans and remote administration tools were originally developed to access, surveil, and control traditional computing devices like laptops and desktop computers. However, these tools have naturally evolved to work with more modern computing devices like smartphones and tablets. While iOS devices have many exploits, some of which are highly publicized, Android devices contain many potential avenues for attack. Android phones are essentially portable touch-screen Linux computers, and compared to desktop computers they are just as capable of acquiring, hosting, and spreading RAT programs.This might explain why Google seems to be diverting attention away from Android and moving toward (of course it's own Chrome OS, but also...) something new. Android's successor, Fuchsia, which is rumored to be Google's version of the Mac OS (not open source like Android).AhMyth is a relatively new RAT program for Android devices. Like any other RAT program, AhMyth contains a suite of features for surveillance as well as control. Given the social and technological context of smartphones, this attack provides many opportunities as well as an alarming level of control. Anything the user is capable of doing on their target phone can be accomplished remotely through AhMyth, and the RAT program even allows the attacker to carry out many functions beyond the typical control of the user.Similar to many other RAT programs, AhMyth allows you to access the target’s camera and microphone. This feature creates many dangerous possibilities as many smartphone owners carry their devices with them at all times. This means that an attacker with AhMyth installed on an unsuspecting target would be able to listen to the user and see through the camera(s) at any given time without provoking any notice. On top of this, AhMyth allows the attacker to track the GPS location of a device at any time. Smartphones are uniquely vulnerable devices in that they almost always come equipped with GPS chips, microphones, and cameras. The far-reaching implications of this become clear when you combine these features with a wide network of installations and the automated remote storage of surveillance data.Beyond collecting external information, AhMyth grants complete access to the device’s filesystem. This is typical with RAT programs, and this sort of access can be used to collect, create, and destroy sensitive information on the target’s computer. However, an important difference between the typical RAT program and smartphone RATs like AhMyth is access to cellular functions. AhMyth allows the attacker to browse contact information, view call logs, collect text message communications, and even send messages from the device. These features open up a lot of potential for the attacker that many smartphone users are simply unaware of. Due to the nature of their production and detection, RAT programs like AhMyth are most effective when most users are generally unaware of their existence.