{"id":222972,"date":"2026-05-31T02:25:05","date_gmt":"2026-05-31T06:25:05","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/31\/new-btmob-android-malware-enables-full-device-takeover-2\/"},"modified":"2026-05-31T02:25:08","modified_gmt":"2026-05-31T06:25:08","slug":"new-btmob-android-malware-enables-full-device-takeover-2","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/31\/new-btmob-android-malware-enables-full-device-takeover-2\/","title":{"rendered":"New BTMOB Android Malware Enables Full Device Takeover"},"content":{"rendered":"

New BTMOB Android Malware Enables Full Device Takeover<\/a><\/p>\n

https:\/\/www.securityweek.com\/new-btmob-android-malware-enables-full-device-takeover\/<\/a><\/p>\n

Publish Date: 2026-05-28 09:05:04<\/a><\/p>\n

Source Domain: www.securityweek.com<\/a><\/p>\n

Summary<\/strong><\/p>\n

ESET has highlighted that the BTMOB remote access trojan (RAT) poses a significant threat to Android users due to its ability to steal data and gain control over devices. The malware, believed to be derivated from SpySolr, is distributed primarily through phishing tactics that appeal to streaming or cryptocurrency services. Its creators sell it alongside an APK builder toolkit, enabling even non-coders to customize phishing lures tailored to specific geographic targets. The BTMOB kit is sold for $5,000 with monthly support, although a dark web version was briefly available for free. When installed, the RAT leverages Android\u2019s Accessibility Services to inflate its privileges without user knowledge, leading to extensive data theft, screenshot capturing, and device control. Notably, ESET observes a rapid evolution of the RAT with frequent variants, yet certain infrastructure elements remain unchanged. While primarily active in Latin America, ESET maintains that the broader threat transcends this region.<\/p>\n

Key Points:<\/strong><\/p>\n