Mobile malware is increasing at a frightening pace – and yet most mobile users do almost nothing to protect their devices against attack. One of the simplest things to keep yourself and your devices safe is to learn about some of the biggest digital threats, taking the appropriate steps to achieve effective security. In 2023, perhaps the most threatening malware targeting mobile devices is called Anubis – and here’s what every mobile user should know about it.
Anubis Is a RAT
In Ancient Egypt, Anubis was the imposing jackal-headed god of the underworld, but in 2023, Anubis is known as a RAT, or a remote-access Trojan. This type of malware secretes itself onto devices, downloading and installing without detection, extending administrative privileges to attackers so they may view a user’s files and make changes to their device without a user’s knowledge or permission.
Like other RATs, Anubis has many diverse methods for delivery onto a victim’s device. Most often, Anubis is distributed via malicious websites, many of which claim to be associated with legitimate websites and promote the download of a file supposed to help web users in some key way but actually only infects them with malware. Anubis has also been discovered in phishing messages sent via email or social media as well as within malicious applications in the Google Play Store.
Anubis Is Open-source
While many threat actors carefully control their latest and greatest malware, expecting to benefit greatly from its deployment, Anubis is available to any would-be cybercriminal who knows how to use it. The source code for Anubis is freely found all over the dark web, so hackers the world over can use it or modify it to suit their needs.
Already, RATs offer attackers a lot of flexibility with how they infiltrate devices and what they can do once the malware is installed. Cybercrime gangs have utilized the wide range of functionality they gain through Anubis to achieve devastation in diverse ways, such as:
Credential theft. Most often, Anubis abuses accessibility services to capture a user’s banking login credentials, which attackers then use to drain a user’s checking and savings accounts.
SMS interception. Attackers can read and send SMS messages through Anubis. Not only does this open another avenue for the collection of sensitive information and dispersal of malware, but it also means that attackers can take control of multi-factor authentication attempts used by banks and other institutions for enhanced security.
Keylogging. A relatively rudimentary attack but an effective one nonetheless, keylogging involves recording a user’s keystrokes. This is often used to capture more passwords and other sensitive data.
Audio recording. Anubis gives attackers control of a mobile device’s microphone, which means attackers can listen to victims’ conversations. This can be used to collect sensitive information for extortion, and it is undeniably frightening to most mobile users.
Screen capture. Attackers can use Anubis to take screenshots, which may be useful when users are displaying useful information in other applications.
Location tracking. Mobile phones track users’ locations using GPS, and attackers can find and use this information to understand more about their victims.
Ransomware. Some Anubis variants can lock mobile devices, denying users access until they complete a certain task as outlined in the ransom note – usually making some kind of payment to attackers.
Anubis Can Be Avoided
RATs are notoriously difficult for security programs to detect, both before they are installed and afterwards. And, unlike other forms of malware, RATs remain dangerous even after the original malware has been removed from a victim’s device because attackers usually take advantage of their administrative power to give themselves permanent backdoors. Thus, it is most important for mobile device users to maintain safe habits that are unlikely to put them in contact with Anubis or other mobile malware like it.
First, a mobile security solution from a trusted cyber security provider goes a long way toward guiding users safely around the web. Users can link their mobile security app to a more comprehensive security solution on all their devices to keep their entire network safe from attack.
Next, users should learn to recognize the signs of malicious links and apps. Strange spelling or grammar, odd graphics and poor reviews are all signs that users should not interact with a certain entity or they will risk downloading malware onto their device. It is also wise to stay away from third-party app stores; though Anubis has been found in Google Play, as a whole the store much more reliably identifies and removes malicious programs than other stores around the web.
Anubis is among the most threatening mobile malwares online today, but the more you know about it, the better equipped you can become to avoid it. Fortunately, the tools and tactics used to thwart Anubis will also come in handy for other mobile malware into the future.