Now that we have the program up and running, it’s time to build an Android application with a backdoor. At the top of the screen, select “APK Builder.” The first thing to change is “Source IP.” This needs to be the IP address of the computer you’ll be sending and receiving commands from.
Step 3. Deploy the RAT
Now that you have a working APK, it’s time to deploy it by downloading it on the target Android device. All of the standard attack methods apply — anything to get the user to download the APK. Social engineering tends to work best. For example, if you know the person, then recommend an app to them and infect it.
By far the most effective method is if you have physical access to the phone, it only takes a few seconds to download and hide it. If you chose this method, then an easy way to do it is by saving the APK to Google Drive and sending the phone a link. On most phones, the download should only take a second or two.
If the Android phone doesn’t want to install it, they probably never enabled “Unknown sources” in their settings. Open up the Settings, then go to “Security” and check “Unknown sources.” This is how apps that come from outside the Google Play Store can be installed.
Step 4. Start to Listen
In the top left of the AhMyth screen, select the “Victims” tab, then change the
Port number to the one you are using. You can also leave it blank for the default. Next, click on “Listen.” Once this is done, and the RAT is running properly on the victim, then it should appear here along with some basic info.
Step 5. Open the Lab
Now that you have a RAT up and running on the target device, you can start doing remote administration. Click on “Open The Lab” button, and a new pop-up window will appear. If you’re familiar with other Android RATs like
Cerberus, then you might be a little disappointed with how few features there are, but I would remind you that this is still only in the beta stages.
The features it does currently have are quite powerful. Let’s take a look at a few of them. The “File Manager” is great because it lets you see everything on the device right down to the firmware. With this, you could potentially uncover all sorts of sensitive information, whether that be passwords and session cookies or compromising photos.
Another feature is the ability to record audio via “Mic.” Since people take their phones with them everywhere they go, you, in effect, have a bug, or listening device, on them at all times.
Along the same lines as the last one, you also have a tracking function (“Location”) so you can not only know what they said, but also where they said it. One note on this, however, is that it can be fooled by a simple GPS spoofer application. I used one on the victim device to take the screenshot below.
If you really like to sow chaos, then you’ll love this next feature: the ability to not only read but also send “SMS” messages. A simple way to use this would be to hack someone’s Facebook by resetting their password with an SMS text, then use the code that is sent. You can use your own imagination for all the things you can do by sending messages from the target’s phone.
Now you may have noticed that I skipped over the “Camera” feature. I did that because I was unable to get it working on my device, which could just be a problem with the old Android I was using for testing. In principle, it’s supposed to allow you to send commands to take pictures with the front or rear camera and have them sent back to you.
Protecting Yourself from Android RATs
There’s not a whole lot you can do to protect yourself from RATs in general, but one thing you can do is not install Android apps that aren’t from the Google Play Store. This doesn’t mean that all the Google Play apps are safe, but they are much safer than some random app found online since Google does scan them for malware to the best of their abilities.
Installing from “Unknown sources” is disabled by default in Android, but if you allow this, you also greatly increase your risk as you will no longer get the security prompt. If you do ever have a legitimate reason to download an APK from outside Google Play, be sure to tap “Allow this installation only,” otherwise you could accidentally permanently enable “Unknown sources.”
Another way to protect yourself is to not take your phone to important meetings or anywhere you don’t want people listening. Also, be careful who you let have your phone, as it only takes a few seconds to download one of these RATs. An example of this can be found in
Mr. Robot, when Tyrell Wellick installed malware on an employee’s Android phone in seconds.
One more probably obvious way to help prevent malicious software from installing on your Android device: keep it up to date. Install software updated when they come out, as Google and OEMs push on security fixes in almost every update, not just new features.
And last but not least, you can consider installing antivirus software on your Android device. This will not help you out all of the time, but it’s better than nothing. You can find a good list of antivirus apps for Android over on Gadget Hacks.
Thanks for reading! If you have any questions, you can ask them here in the comments below or on Twitter