A new Android malware-as-a-service called Cellik is offered on underground forums, enabling attackers to embed malicious code into apps from Google Play Store. Its advanced features include screen streaming, notification interception, and app injection, which can help evade detection and bypass Google Play Protect. #Cellik #AndroidMalware #GooglePlayStore #TrojanApps
Keypoints
- Cellik is an advanced Android malware offered as a malware-as-a-service on underground forums.
- It allows attackers to create trojanized versions of trusted apps from Google Play Store.
- The malware can capture screens, intercept notifications, exfiltrate files, and wipe data.
- Cellik features a hidden browser mode and app injection capabilities for credential theft and malicious payloads.
- The malware claims to bypass Google Play Protect by wrapping its payload within trusted apps.