A new Android spyware called ClayRat is masquerading as popular apps and targeting Russian users through various malicious channels. It can perform extensive surveillance and data theft activities, and efforts are ongoing to block its spread. #ClayRat #AndroidSpyware
Keypoints
- ClayRat malware disguises itself as legitimate apps like WhatsApp and TikTok to lure victims.
- The spyware targets Russian users via Telegram channels and malicious websites mimicking trusted services.
- It has the capability to steal SMS messages, call logs, take pictures, and make calls without user knowledge.
- ClayRat uses session-based installation techniques to bypass Android security restrictions, especially on Android 13+.
- Googleโs Play Protect now blocks detected variants, but the campaign has over 600 samples indicating a large-scale operation.