Firewall Daily

Beware! New Android Trojan ‘Viper RAT’ on Dark Web Steals Your Data

A multi-grabber for credentials, emails, 2FA codes, wallets, and keys is one of the features that are offered, along with keylogging capabilities.

Dark web actors are advertising a new Android Remote Trojan called Viper RAT that targets Android devices. The threat actor, which goes by the same name, has asserted that this malicious tool has a plethora of capabilities.

On May 31, 2024, information about the advertising of a brand-new Android Remote Trojan Access (RAT) called “VIPER RAT” on the CrackingX and OnniForums forums became public. According to the post, the Viper RAT can be rented for a mere $499 with capacities of targeting and penetrating devices based on Android operating systems.

Android Remote Trojan Viper RAT Advertised on Dark Web Forums

A multi-grabber for credentials, emails, 2FA codes, wallets, and keys is one of the features that are offered, along with keylogging capabilities. Additionally, this Android Remote Trojan Viper RAT offers more than 600 word-wide injections, phone unlocking, VNC control, and audio and video recording capabilities to aid with phishing redirection.

To add a degree of credibility, the threat actor provides a dedicated website, viperrat[.]com (domain registered on May 17, 2024), and a Telegram account for orders. The unnervingly low cost of the Viper RAT suggests that its release was motivated by malevolence. The efficacy of this device is demonstrated by the two demonstration videos that the threat actor has uploaded on the main website.

The Viper RAT has previously made an appearance in the world of cybercrime. The author made the initial introduction to CrackingX on May 8, 2024, and updated the features on May 31, 2024. The threat actor’s overt endorsement of the Viper RAT highlights how serious the risks are for Android users everywhere.

Advanced Features, Capabilities, and Pricing

The threat actor’s pitch on underground forums paints a grim picture of the Viper RAT’s capabilities. Promising “Viper Android Rat Hidden Screen Control Unlock Phone | Grab VE 2FA ★Crypto,” the actor markets it as the “Best Android Remote Control,” with a reminder that “The only secure phone is that powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.”

The pricing tiers begin at $499, and customized versions can be ordered. The threat actor highlights that installation support is given without charge, but there are no trial offers. Only cryptocurrency can be used as a form of payment, further obscuring illegal activities.

Among the features listed by the threat actor, Viper RAT has a set of other factions that are specifically designed to target Android devices regardless of what hardware they are using. To shed light on some of its features, the Android RAT can achieve live keylogging and phishing redirection to multi-grabber features and seamless screen control.

The Viper RAT also offers many more features, such as smooth hidden VNC control, screen capture, unlocking pin and pattern, controller support for APKs up to version 14, and much more. Due to these features, the threat actor has unparalleled access to personal information, enabling them to act destructively and surreptitiously.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Ashish Khaitan

Ashish is a technical writer at The Cyber Express. He adores writing about the latest technologies and covering the latest cybersecurity events. In his free time, he likes to play horror and open-world video games.

Recent Posts

AI Cyber Attacks Emerge as Biggest Threat to Indian Banking: RBI

The report noted that cyber risk has become a major financial stability concern as India's financial ecosystem becomes increasingly digital…

21 hours ago

Apple Security Update Patches 30+ Vulnerabilities in iOS 26.5.2

Apple said the flaws were addressed through improved memory management, input validation, bounds checking, and stronger security origin tracking.

2 days ago

Ukraine Makes History With First $8.3M Seized Crypto Transfer to ARMA

ARMA said receiving the cryptocurrency marks an important step in the evolution of Ukraine's asset management system.

2 days ago

U.S. Seizes Nearly 400 Illegal FIFA World Cup Streaming Domains

The domain seizure operation was coordinated with international partners through the International Computer Hacking and Intellectual Property (ICHIP) Network.

2 days ago

Operation Endgame Disrupts SocGholish, StealC Malware Networks

The operation forms part of Operation Endgame, described by Europol as the largest international initiative to disrupt ransomware enablers worldwide.

3 days ago

UAE Cybersecurity Council Calls for Stronger Digital Footprint Protection

The UAE Cybersecurity Council shares cybersecurity best practices to help users secure digital footprints and reduce cyberattack risks.

3 days ago

This website uses cookies. By continuing to use this website you are giving consent to cookies being used.

Read More