A new mobile remote access trojan (RAT) for Android called Monokle, has been reported using novel techniques to exfiltrate data. Monokle uses a range of intrusive capabilities to conduct various types of cyberattacks. The trojan is distributed to targets via fake apps camouflaged as genuine apps such as Google Play, Skype, UC Browser, Pornhub, etc
So far Monokle is directed only against Android devices. The researchers found several references to a planned iOS version, including unused commands and data transfer objects in its source code. Typically, victims are infected when they download trojanized versions of what appear to be legitimate Android applications that otherwise operate as intended...
The attacker can use Monokle to steal the following information:
Countermeasures: