Name of Malware: PrizeRAT (Andr/Xgen2-CY)

Type of Malware: Trojan, backdoor

Affected Operating Systems: Android (4.1.2 - 10)

Affected Device Types: Mobile phones, smartphones, tablets

Impact: high

What is PrizeRAT?

PrizeRAT is a trojan for Android devices. Its functions include unauthorised user tracking, stealing passwords and the silent installation of additional applications without the user's permission. As the malware is part of the firmware of the device, it is not generally recognised by anti-virus solutions for Android. The risk affects a limited group of mobile end devices made by Chinese manufacturers for the low-price segment.

How did I get infected with PrizeRAT?

In most cases, PrizeRAT is already pre-installed on the infected device on delivery. A list of affected devices and firmware versions can be found in this press release.

What do I have to do now?

The device that is at risk can be cleaned by updating the manufacturer's firmware. However, not all manufacturers have provided an up-to-date version of their firmware.