New Trojan HeroRat gets on the device via Telegram-bot


ESET discovered an Android Trojan HeroRat that fall within the user device through a Telegram bot that is hitting computers, steals data.

HeroRat as a backdoor providing the hacker the ability to remotely control any compromised device.

RAT-Trojan rental

In addition, the creators offer a Remote Administration Tool Trojan to rent scheme Malware as a Service. Moreover, the malware is offered as a package of services, divided into three separate types:

  • Gold will cost $100;
  • Silver at $50;
  • Bronze – $25.

The source code of the malware can be purchased for $650 with service of technical support.

HeroRat gets into victims ‘ computers via unregistered app stores on Android, instant messengers and social networks.

Methods of malware

Hackers successfully disguised under various Trojan applications offering free mobile Internet, gift Bitcoins or lifting of a topic in social networks. The application Google Play such Trojan are detected. The greatest number of affected users is marked in Iran.

Operators HeroRat control of infected devices via the Telegram with the bot. Once in the user’s computer, the Trojan allows the hackers to intercept messages and redirect to other addresses to steal contacts, change settings, make calls, take screenshots, change the indicators to the device’s location.

If you find an error, please highlight the text and press Ctrl+Enter.


Please enter your comment!
Please enter your name here

20 − fourteen =