BTMOB Android malware service generates custom phishing payloads

📅 28 May 2026 at 21:10 UTC📰 Bleeping ComputerView original source ↗

An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. [...]

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

BTMOB is a malware-as-a-service Android remote access trojan that generates custom phishing payloads, primarily targeting Brazil and Latin America with a monthly subscription of $700 or a lifetime license for $5,000.

⚙️Technical Details

💥Impact Assessment

Severity: critical

Who Is at Risk

Android users in Brazil and Latin America

🛡️Recommended Actions

1Install only apps from the official Google Play Store on Android devices

2Scan with Play Protect and revoke risky permissions, such as Accessibility access, if not explicitly needed

3Regularly update operating system and security patches

📦Affected Products

Operating System: AndroidSoftware: Google Play Store

Read the full article

This is a curated summary. The complete article is available at Bleeping Computer.

Read on Bleeping Computer ↗

← Back to feed