PJobRAT, a malware family previously targeting Indian military personnel, has shifted focus to users in Taiwan through malicious chat applications such as SangaalLite and CChat. First identified in 2021, PJobRAT is capable of stealing sensitive information including SMS messages, contacts, and device metadata. The malware utilizes deceitful personas, often posing as romantic lures, to trick users into downloading it. Recent telemetry data suggests this campaign began around January 2023 and paused around October 2024, highlighting the continuous evolution of cyber threats in mobile security, especially in geopolitical contexts.
PJobRAT, an Android malware previously targeting Indian military personnel, has been linked to a new campaign likely aimed at Taiwan users disguised as chat apps.
The malware can steal SMS messages, contacts, device information, and media files, showcasing the evolving threats to mobile security.
Samples of PJobRAT have been found masquerading as dating and instant messaging apps to trick victims into downloading the malicious software.
Telemetry data indicates that the malware targeted users through fake chat applications available for download from various WordPress sites, marking an organized intrusion effort.
Collection
[
|
...
]