Cellik RAT: The Android Malware That Hides in Plain Sight

Malware and computer viruses have become increasingly complex as technology evolves. A recent report from security firm iVerify has identified a new Android malware known as Cellik. This type of malware, classified as a Remote Access Trojan (RAT), is particularly concerning due to its ability to conceal itself within legitimate apps available on the Google Play Store, enhancing its potential for widespread distribution.

Cellik allows attackers to gain complete control over infected devices. It can stream the device’s screen in real time, intercept notifications, log keystrokes, and run hidden browsers to hijack active sessions. This functionality enables attackers to steal credentials from banking apps, Gmail, Facebook, and other sensitive services without the user’s awareness.

The malware spreads by embedding itself in popular Play Store apps, making it difficult to detect. Once installed, it can access the entire file system, upload and download files, and use advanced techniques to overlay fake login screens. This deceives users into providing their credentials directly to attackers. Cellik is part of a growing trend of malware-as-a-service, allowing even inexperienced cybercriminals to deploy sophisticated spyware.

To protect against Android malware like Cellik, users should take several precautions. First, review app permissions carefully before installation. If a simple game or utility app requests access to messages, calls, or accessibility services, it may be suspicious.

Additionally, check app reviews and developer information before downloading. Legitimate apps typically come from established developers with clear track records. Keeping the Android device updated with the latest security patches is also crucial, as these updates often include protections against threats.

Lastly, ensure that Google Play Protect is enabled. This feature provides automatic protection against known malware. However, the most effective defense is to remain cautious about what is installed. Security researchers recommend avoiding sideloaded apps from unknown sources to significantly reduce the risk of infection.
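
The permission review described above can be automated when triaging an app before installation. The following is an added example, not code from the iVerify report or from any tool named in it. It assumes the app's AndroidManifest.xml has already been decoded to text (for example with apktool), and the function name, permission groupings and sample manifest are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespace prefix used by android:* attributes in a decoded manifest.
A = "{http://schemas.android.com/apk/res/android}"

# Permission groups the article flags as suspicious for a simple game or utility.
SENSITIVE = {
    "messages": {"android.permission.READ_SMS",
                 "android.permission.RECEIVE_SMS",
                 "android.permission.SEND_SMS"},
    "calls": {"android.permission.READ_CALL_LOG",
              "android.permission.CALL_PHONE",
              "android.permission.READ_PHONE_STATE"},
}
# Services guarded by these bindings can observe the screen or notifications.
BINDINGS = {
    "android.permission.BIND_ACCESSIBILITY_SERVICE": "accessibility service",
    "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE": "notification listener",
}

def review_manifest(manifest_xml):
    """Return sorted findings for a decoded AndroidManifest.xml string."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(A + "name") for e in root.iter("uses-permission")}
    findings = []
    for group, perms in SENSITIVE.items():
        findings += [f"{group}: {p}" for p in perms & requested]
    # Accessibility and notification access are declared on <service>,
    # not as <uses-permission>, so they need a separate pass.
    for svc in root.iter("service"):
        label = BINDINGS.get(svc.get(A + "permission"))
        if label:
            findings.append(f"{label}: {svc.get(A + 'name')}")
    return sorted(findings)

# Constructed sample: a "flashlight" manifest, not taken from any real app.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_CALL_LOG"/>
  <application>
    <service android:name=".HelperService"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    print("\n".join(review_manifest(SAMPLE)))
```

A finding is a prompt for review rather than a verdict: legitimate messaging, dialer and assistive apps declare the same permissions, so the result has to be weighed against what the app claims to do.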
