After DroidJack, AndroRAT, DarkComet, and njRAT, a new Android RAT, named OmniRAT, has surfaced on the black market. This RAT is new, having been created this year and being sold by a team of German developers. RAT stands for Remote Access Trojan and refers to a particular piece of malware that infects user computers via a client component, which then starts communicating with a server counterpart. This allows an attacker to steal data from a target, spy on the user, and even take control of the victim's device. Unlike previous Android RAT kits, OmniRAT comes with built-in support for controlling desktops, something that its competitors don't have the ability to do. Additionally, also compared to its competition, OmniRAT is also ten times cheaper to purchase, being offered for sale at prices between $25 and $50 (€23 and €46). Software like this is not illegal, mainly because it is also used by programmers and testers in their daily jobs. RATs become illegal when someone uses them for malicious purposes. Around mid-August this year, Avast detected one of these malicious campaigns in action, one that involved a version of OmniRAT, spreading via SMS messages.
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street