Android Devices Hunted by LodaRAT Windows Malware

LodaRAT has been found targeting Android devices in a new campaign. The malware has historically targeted Windows devices but is now being distributed in an ongoing campaign that seeks to spy on victims. LodaRAT has also been updated, with the more aggressive version spotted by researchers in a campaign targeting Bangladesh. The campaign seemingly represents a shift in the LodaRAT developers’ strategy, as the attacks pursue espionage goals rather than the financial gain witnessed in previous campaigns.

Past versions of LodaRAT contained credential-stealing capabilities that operators used to drain bank accounts. The new version boasts information-gathering commands instead. The hybrid campaign is particularly concerning to researchers because it shows the malware operators' ability to thrive and evolve into new attack methods. The combination of Windows and Android operations using two different versions of the same malware could indicate that worse attacks are yet to come from this threat actor group as it continues to modify the already dangerous malware.

OODA Analyst

