"Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real time, enhancing its operational value significantly."
"Beyond traditional RAT behavior, Mirax enhances its operational value by turning infected devices into residential proxy nodes, leveraging SOCKS5 protocol support and Yamux multiplexing."
"The incorporation of a SOCKS proxy allows threat actors to get around geolocation-based restrictions, evade fraud detection systems, and conduct account takeovers under increased anonymity."
Mirax is an emerging Android remote access trojan actively targeting Spanish-speaking countries, affecting over 220,000 accounts on platforms like Facebook and Instagram. It features advanced RAT capabilities, enabling real-time interaction with compromised devices. Mirax also transforms infected devices into residential proxy nodes, utilizing SOCKS5 protocol and Yamux multiplexing for persistent proxy channels. The malware can capture keystrokes, steal photos, and monitor user activity. It offers a private malware-as-a-service option for threat actors, enhancing its operational value by allowing evasion of geolocation restrictions and fraud detection systems.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]