DEV Community

MaxtonDresser

Are Android RATs making Java Look Bad?

AndroRAT and Java
Android is one of the most thriving platforms right now because of the sheer number of APIs and built-in capabilities it offers. However, every innovation brings some negativity with it. Any innovation. There are hundreds of examples of such rogue tools; one infamous example is "AndroRAT", an Android RAT that allows remote access to a victim's device.

What has AndroRAT got to do with Java?

Well, I knew you would ask. It was originally developed in Java. Countless websites call it a "Java-based" RAT (Remote Administration Tool). At one point it was so popular that it was also detected by the Symantec team, and news sites worldwide reported on it.

A question you would ask.

But, what has this STILL got to do with Java?

The interfaces of various such RATs, including AhMyth, DroidJack and SpyMax, are built using Java. My personal opinion is that such tools are indirectly and unknowingly giving Java and the Android security community a bad name by signalling that such tools are generally only created on this platform.

What makes this tool so unique is that it is able to target any Windows or even macOS computer. However, I would say it does so using a very rare vulnerability.

How have such tools evolved over time

Other such examples, like DarkComet, have seen tremendous growth and have become better at evading antivirus solutions. Likewise, the source code of the Android RAT above was made publicly available, and since then many rogue developers have been publicly asking for help bringing it up to today's standards and supporting newer devices running Android 9, 10 and 11.

What to do if you spot such activity online

Most of these developers are asking for help or hosting such rogue code publicly on sites including GitHub, Stack Overflow and many others. Please report such pages to the admins, with a brief paragraph explaining why the code is or may be used in a malicious tool and why they should consider removing it.

Even worse - you spot it on your device

I hope it never happens, but if it does, here is what to do:
1: Run a full scan using any Antivirus.
2: Remove any recently installed apps.
3: You are good.
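
For step 2 it helps to see which apps actually arrived recently and what they asked for. The following is an added example, not part of the original post: it parses text in the layout printed by `adb shell dumpsys package` and lists packages first installed within a chosen window, along with any sensitive permissions they request. The sample dump, the package names and the `SENSITIVE` set are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed excerpt in the layout of `adb shell dumpsys package` output;
# package names, dates and permissions are invented for illustration.
SAMPLE_DUMP = """\
  Package [com.example.notes] (1a2b3c):
    firstInstallTime=2021-03-02 09:14:55
    requested permissions:
      android.permission.INTERNET
  Package [com.example.flashlight] (4d5e6f):
    firstInstallTime=2021-06-10 22:41:07
    requested permissions:
      android.permission.INTERNET
      android.permission.READ_SMS
      android.permission.RECORD_AUDIO
      android.permission.ACCESS_FINE_LOCATION
"""

# Permissions worth a second look on an app you do not recognise (editor's choice).
SENSITIVE = {"READ_SMS", "RECORD_AUDIO", "CAMERA", "READ_CONTACTS",
             "READ_CALL_LOG", "ACCESS_FINE_LOCATION"}

def parse_packages(dump):
    """Return {package: {"installed": datetime or None, "permissions": set}}."""
    packages, current = {}, None
    for line in dump.splitlines():
        if m := re.match(r"\s*Package \[([^\]]+)\]", line):
            current = packages.setdefault(m.group(1), {"installed": None, "permissions": set()})
        elif current is None:
            continue
        elif m := re.match(r"\s*firstInstallTime=(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)", line):
            current["installed"] = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        elif m := re.match(r"\s*android\.permission\.([A-Z_]+)", line):
            current["permissions"].add(m.group(1))
    return packages

def review_candidates(dump, now, days=14):
    """Packages first installed within `days` of `now`, with their sensitive permissions."""
    cutoff = now - timedelta(days=days)
    hits = [(name, sorted(info["permissions"] & SENSITIVE))
            for name, info in parse_packages(dump).items()
            if info["installed"] and info["installed"] >= cutoff]
    return sorted(hits, key=lambda h: -len(h[1]))

if __name__ == "__main__":
    for name, perms in review_candidates(SAMPLE_DUMP, datetime(2021, 6, 15)):
        print(name, perms or "no sensitive permissions requested")
```

A recently installed app that requests SMS, microphone or location access and that you do not remember installing is the first candidate for removal.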

You would be surprised to know that this remote tool is not highly complex when compared to its alternatives out there.

Closing Statement

First, I know some of this may not make sense, but please leave a comment and I will try to clarify as much as my little brain can. However, AndroRAT has been very fascinating because of how it is still alive and an APK file is still able to be downloaded. Do have a look at its source code in an isolated environment and I will let you be the judge.

Full Disclaimer: These are all just my opinions and thoughts and are not geared towards any individual, site or organization.
