A newly identified Android remote access trojan known as Mirax is actively targeting users with capabilities that extend beyond traditional banking malware. Distributed through malicious apps and social-engineering lures, the RAT enables attackers to gain full control of infected devices, including screen monitoring, credential harvesting, and remote command execution. By operating within legitimate apps, it can bypass common security checks and facilitate unauthorized transactions or data exfiltration. The campaign highlights how modern mobile malware blends financial fraud with surveillance, reinforcing the need for strict app controls, minimal permissions, and continuous behavior-based monitoring.
Read the full report here.