Cellik Android malware builds malicious versions from Google Play apps www.bleepingcomputer.com/news/secu…
A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app available on the Google Play Store.
Specifically, attackers can select apps from Android’s official app store and create trojanized versions that appear trustworthy and keep the real app’s interface and functionality.
By providing the expected capabilities, Cellik infections can go unnoticed for a longer time. Additionally, the seller claims that bundling the malware this way may help bypass Play Protect, although this is unconfirmed.
Mobile security firm iVerify discovered Cellik on underground forums where it is offered for $150/month or $900 for lifetime access.
