G700 RAT, an advanced variant of Craxs RAT, targets Android devices and cryptocurrency applications. It employs sophisticated techniques like privilege escalation, phishing, and malicious APK distribution to infiltrate devices. The malware bypasses authentication, captures sensitive data, and manipulates legitimate app functions, allowing attackers to perform illicit actions undetected. Developed in C# and Java, it exploits mobile app security gaps, intercepts SMS messages, abuses Android permissions, and hijacks crypto transactions. G700 RAT uses persistence and obfuscation techniques, including Base64 encoding and APK encryption, to evade detection. Distributed through dark web forums and Telegram channels, it poses a growing threat to device security, especially in cryptocurrency and financial environments.

Author: AlienVault
Related Tags:
transaction hijacking
apk distribution
Craxs RAT
G700 RAT
T1108
T1548.003
T1171
privilege escalation
T1548.002
Associated Indicators:
65AD213F9C6403308CBC805EBE122E08C52C8D21D1B4F8EFD0F406E2D448BDEF
313804EA8FDA918FF8A909F2367E903B030C3AA305E320D20A865FD6B19D062B