Glitch SPY RAT Targets Android Users via Fraudulent Rental Platform
ID: 3a0b2c6d-8e9a-58c1-9cd2-9bb7007a2964
STIX ID: report--3a0b2c6d-8e9a-58c1-9cd2-9bb7007a2964
Feed Name: ThreatCluster
A new Android Remote Access Trojan called Glitch SPY is being distributed through a fake Polish housing rental site using the Brokewell Android Loader; it leverages Android Accessibility Service to gain full device control, supports over 70 remote commands via persistent C2, and features a modular design for rapid customization. Zimperium reports that its Mobile Threat Defense detects both the dropper and payload without requiring updates, and the attack vector primarily targets users who sideload the malicious APK.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
