This malware uses a rarely used communication method known as protobuf to effectively steal data from infected devices.
At the same time, MMRat was first spotted by Trend Micro at the end of June 2023. It mainly targets users in Southeast Asia and successfully bypasses antivirus scanners like VirusTotal.
Interestingly, the virus spreads through websites that act as the official app store.
After MMRat infects an Android device, it establishes a communication channel with the command and control server (C2) and monitors the device’s activity. During periods of inactivity, attackers can unlock the screen remotely and perform fraudulent transactions on bank accounts in real time.
What makes this virus particularly dangerous is its ability to transfer data efficiently. The creators of MMRat have developed their own protobuf protocols for loading data; this allows them to transfer information efficiently and quickly.
Experts recommend downloading apps only from the official Google Play store and being careful when installing new apps. This should at least somewhat protect against the effects of MMRat.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
