Pakistani state-sponsored hackers (Transparent Tribe / APT36) are targeting TikTokers and gamers with CapraRAT spyware hidden in four fake Android apps. Meanwhile, researchers at Drexel University developed MISLNet — an AI deepfake detector that identifies AI-generated video with 98.3% accuracy, outperforming every other tool currently available.
Stories Covered
CapraRAT Android Spyware: Pakistani APT36 Targets TikTokers and Gamers with Fake Apps
Sentinel Labs researchers identified four malicious Android apps distributing CapraRAT — an Android Remote Access Trojan attributed to Transparent Tribe (also tracked as APT36 and Operation C Major), a Pakistani state-linked threat actor active since 2016 with a history of targeting Indian victims. The four apps — a fake CrazyGames clone (com.maeps.crygms.tktols), a “Sexy Videos” app, a TikTok-branded downloader, and a clone of the “Forgotten Weapons” YouTube channel — were designed to attract downloads through recognizable brand names or exploitative content. Once installed, the apps request an extensive permission set: SMS access, contact lists, GPS location, storage read/write, camera, audio recording, screen recording, call history, call-making, and network state management. A video-viewing or gaming app has no legitimate use case for the majority of these permissions, but the social engineering vector (a game, a video app) reduces user scrutiny.
The updated campaign incorporates a WebView feature — an in-app browser component — to load legitimate-looking content and reduce immediate suspicion. For the TikTok clone, the app likely loads YouTube content in a WebView to simulate a functional experience while the spyware payload runs in the background harvesting the permitted data. CapraRAT has been in use by Transparent Tribe since at least 2021 in various forms; the 2024 variant reflects an ongoing evolution of the malware rather than a new actor. The defense against sideloaded or Play Store-mimicking spyware is consistent: only install apps from official stores (Google Play), scrutinize permission requests against what the app actually needs to function, and treat any app requesting call-making or SMS-access permissions that isn’t a communication tool as a red flag.
MISLNet: AI Deepfake Detector Hits 98.3% Accuracy by Analyzing Sub-Pixel Video Patterns
Researchers at Drexel University published results from MISLNet, a constrained neural network trained to detect AI-generated video by analyzing patterns at the sub-pixel level. Prior deepfake detection tools were trained on the artifacts left by video editing software — inconsistencies in pixel relationships between frames that arise from tools like Premiere or After Effects manipulating existing camera footage. AI-generated video (from tools like Sora or Luma) doesn’t pass through a camera or video editor, so it doesn’t carry those artifacts. MISLNet was trained to detect the different telltale signatures that generative AI leaves behind in how it constructs pixel relationships across frames. The result: 98.3% accuracy on AI-generated video, outperforming the next-best competing tool by approximately 5.3 percentage points. At scale — millions of videos on social platforms — a 5-point accuracy gap translates to tens of thousands of correctly classified videos that other tools miss. Overfitting was a concern during development; the 98.3% figure represents real-world test data, not training data performance.
Leave a Reply