New BTMOB Android Malware Enables Full Device Takeover
Delivered via phishing lures, the malware combines financial theft with data exfiltration and remote access. The post New BTMOB Android Malware Enables Full Device Takeover appeared first on SecurityWeek.
The BTMOB remote access trojan (RAT) is becoming a heightened threat to Android users due to its data theft and device takeover capabilities, ESET warns.
Believed to be based on the SpySolr malware, BTMOB is distributed via phishing attacks leveraging lures such as streaming, cryptocurrency mining, and other familiar services.
Its developers, however, sell it bundled with an APK builder interface, allowing threat actors to tailor lures and create new payloads based on their target geographies, without writing code.
Source: https://www.securityweek.com/new-btmob-android-malware-enables-full-device-takeover/
Related breach coverage
- Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches (2026-06-02)
A stack-based buffer overflow bug can be exploited for remote code execution on a vulnerable device. The post Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches appeared first on SecurityWeek.
- BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone (2026-05-29)
BTMOB sells Android full-device takeover as a kit, no coding needed. It steals data, records screens, and hands attackers remote control for $5,000 lifetime. Most Android malware requires at least some technical competence to deploy, but BTMOB doesn’t. The developers sell it with a built-in APK builder that lets buyers generate new malicious apps, […]
- Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks (2026-05-19)
Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based attack chains. The post Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks appeared first on SecurityWeek.
- Researcher Drops YellowKey, GreenPlasma Windows Zero-Days (2026-05-14)
YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System. The post Researcher Drops YellowKey, GreenPlasma Windows Zero-Days appeared first on SecurityWeek.
