rat next to girl with a phone

Rats? On your Phone?

There is a new threat that has emerged for your cell phone. BOTH Android and iPhone alike this time. So, protect your loved ones! It is a long read, but please do read it; it could save you a world of hurt!

Let’s dive in.

If your phone or other device becomes infected with this new RAT, or Remote Access Trojan, spyware attackers can see and do almost anything on your phone. Yes, you read that correctly. Almost anything. From reading your messages to seeing what your camera sees. This new threat is called ZeroDayRAT.

Aside from the obvious invasion of privacy, what makes this RAT so dangerous? Here is what the attackers can see:

  • All your notifications (including one-time passcodes)
  • They can search your inbox and ext messages
  • They can see your device’s physical information, including the battery level and network activity
  • Who you talk to the most
  • What apps you use the most
  • Where you go online

They basically can build a full profile of you and your daily life. Scary? I know it sends chills up my spine to think of the level of privacy invasion that they now have access to.

What’s more, they have access to your hardware. That means they can do the following:

  • Watch the keyboard and capture everything you type
  • See every input on your screen
  • Access your microphone (listen in on you and your conversations, and you thought you were paranoid before)
  • Activate your cameras
  • Watch your screen in real time

I know this is scary. I am sorry to frighten you. But these are things you need to be aware of that are out there so you can help protect yourself and your loved ones. Here is how to tell if you have been infected:

The bad news:

It is stealthy. It is not going to flash lights and sound bells to let you know it is there, obviously. However, there are some really good clues.

  • Battery Drain
  • Overheating Phone (without heavy use)
  • Strange Data Spikes
  • Mic and Camera activating randomly (usually an indicator in your notifications bar)
  • Unknown apps being installed or odd configuration changes
  • Password Resets or Login Alerts

The good news:

There is a way to remove the RAT.

If you think you have been infected, ACT FAST! Do not keep using your phone like normal while you “figure things out.” You are just asking for trouble.

  1. Disconnect IMMEDIATELY from Wi-Fi and 5G.
  2. From a different device, change your passwords. Banking, social media, and any payment accounts FIRST! Then the rest. Yes, all of them. Especially if you have not heeded our warnings in the past to not use the same passwords across multiple accounts. Enable 2FA on as many of the accounts as you can!
  3. Run strong antivirus software on the phone. I have run, but do not endorse, Bitdefender in the past. There are many out there.
  4. Remove suspicious apps and profiles
  5. Backup data, but carefully-only critical files such as contacts and photos. DO NOT rely on full system restore files.
  6. Perform a factory reset. That is the best way to ensure the RAT is gone. I know it is a pain, but would you rather suffer that way or the other?
  7. Monitor all your accounts. Banking and social media

Ways to stay safe:

  • Avoid Sideloading Apps
  • If you are not sure what that is, good. Basically, using a NON-Google or other official app store to load apps.
  • THINK before you click on that link
  • Update that phone
  • Review App Permissions
  • Use 2FA on your accounts
  • Create Passcodes for your phone (I know of several people that do not have a code to log in to their phone. Yes, believe it or not.)

– adapted from cyberguy.com

As always, please feel free to reach out to us if you have any thoughts on this.

Stay Safe Out There!