Canis C2 Exposed: Previously Undocumented Cross-Platform Surveillance Framework Targeting Japan

This report details the discovery and analysis of "Canis C2", a previously undocumented, multi-platform surveillance framework delivered via Japanese-language phishing lures (including a malicious Android APK). Analysts found exposed API endpoints and payloads on an Oracle-hosted server, administrative dashboards, command logs showing testing and credential-stealing capabilities, browser-based canvas fingerprinting, iOS-targeting checks that reference exploit mitigations, and multiple associated domains and IPs; mitigations and IOCs are provided for defenders.