TeleRAT, a new Android Trojan that uses Telegram for data exfiltration

Security experts at Palo Alto Networks discovered a new Android Trojan dubbed TeleRAT that uses Telegram Bot API to communicate with the command and control (C&C) server and to exfiltrate data.

The TeleRAT malware is distributed via seemingly legitimate applications in third-party Android app stores and also via both legitimate and nefarious Iranian Telegram channels. According to PaloAlto networks, a total of 2,293 users were apparently infected, most of them (82%) having Iranian phone numbers.

Telerat android malware

The post TeleRAT, a new Android Trojan that uses Telegram for data exfiltration appeared first on Security Affairs.



Leave a Reply