Who wouldn’t like to get free products or services to save a few bucks? Especially these days when inflation is skyrocketing.

But all is not always as it seems. If you search online for free device cleaners or security apps, they may infect your device with malware. Tap or click here for some examples of recently detected free antivirus apps that hide malware.

Unfortunately, another dangerous malware variant replicates quickly and its capabilities are cause for concern. This latest threat not only steals personal information from your device but can also take over your phone to make calls and send text messages. Read on for more details and what you can do to avoid it.

Here is the backstory

There have been tons of rogue apps recently found in app stores which if downloaded will infect your device with malware. But this dangerous variant of malware is not found in any app store. Instead, it spreads through non-traditional means.

Here’s what happens. Zimperium zLabs security researchers recently discovered a Remote Access Trojan (RAT) targeting Android phones. A fake app is advertised on social media in the Middle East, targeting work phones.

The app claims to allow users to connect to social media sites that are generally blocked from viewing. The app is called NbRent and is a rebranded version of a previously malicious application called TextMe. To install the app on your device, you need to download it from a link in the ad. Red flags there?

It is never a good idea to bypass official app stores. We always recommend getting apps from the Google Play Store or Apple’s App Store. Downloading an app from a social media link is even more dangerous than using a third-party store. In other words, do NOT do it!

The malware that hides in the fake NumRent app is called RatMilad by the Zimperium team.

RatMilad is particularly dangerous because it can:

  • Access your contact list, text messages and call logs.
  • Read account names and permissions on your device.
  • View clipboard data.
  • Retrieve GPS location data.
  • Read, write and delete files.
  • Record sounds and conversations from the phone.

RatMilad allows malicious actors to access account credentials on your phone and can even let them make phone calls and send text messages.

Even though this attack targets people in the Middle East, you should be aware that it can happen anywhere. If you download apps from links found on social media or in unsolicited text messages or emails, you put your device at risk of infection. Don’t. Always stick with the official app stores.

What can you do about it

There are a few things you can do to make sure your device isn’t infected with malware. The most important thing is only to download apps from official app stores. Obtaining apps from untrusted sources can cause your device to be infected with malware.

Here are some other suggestions.

  • Only download apps from official app stores. Always go to the official source and check that you are installing the correct app.
  • Keep your phone up to date with the latest patches and fixes. We alert you to those that are on Komando.com. Tap or click here to try Kim’s free newsletters and receive alerts straight to your inbox.
  • Use two-factor authentication and password managers for better security. Tap or click here for more details on 2FA.
  • Pay attention to permissions. Stay away if an app wants full access to your text messages or notifications.
  • Have reliable antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for just $19 at ProtectWithKim.com. That’s over 85% off the regular price!

keep reading

Use this simple and free check to see if a site or file contains malware

Malware Alert: Don’t ignore this warning on your phone