Over 11,000 Android devices, particularly in Portugal, Spain, France, Morocco, Peru, and Hong Kong, have been injected with the newly emergent PlayPraetor remote access trojan, which has a Chinese command-and-control panel, reports The Hacker News.Operators of PlayPraetor have unveiled five different variants of the malware, one of which is the Phantom iteration mainly aimed at Portuguese-speaking targets that exploits Android's accessibility services to facilitate takeovers, according to an analysis from Cleafy. Other versions of PlayPraetor worked as a fake Progressive Web App, a WebView-based app, and a RAT, as well as a code-based phishing tool. "The campaign's success is built upon a well-established operational methodology, leveraging a multi-affiliate MaaS mode. This structure allows for broad and highly targeted campaigns," said Cleafy researchers. Such findings come as an updated iteration of the ToxicPanda Android malware was reported by Bitsight to have compromised almost 3,000 devices, most of which were in Portugal.
Threat Intelligence, Malware
Widespread Android targeting conducted by novel PlayPraetor trojan

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



