New BTMOB Malware Enables Remote Control of Android Devices

ID: f9ba8d65-08f7-59a1-a71c-2a4f1fbe7c8f

STIX ID: report--f9ba8d65-08f7-59a1-a71c-2a4f1fbe7c8f

Feed Name: Cyber Press

Threat Score: 72/100

Date Published: 2026-05-27

Date Updated: 2026-05-27

Author: Lucas Martin


BTMOB is an Android remote access trojan (RAT) that has evolved into a MaaS platform. It enables full device takeover, data exfiltration, screen capture, and persistent access via abuse of Android Accessibility Services. Operators distribute it through phishing sites and fake app stores, and market it openly (Telegram, X, Instagram) with a no-code APK builder that lowers the barrier for low-skilled criminals. The report provides indicators (SHA256 hashes and C2 URLs) and covers regional campaigns (e.g., impersonating Argentine government agencies); it also includes ESET detections and mitigation recommendations (use official app stores, mobile security/MDM, user training).
