BTMOB-Driven Android Malware
Emerging Risk in Pakistan

Overview
CTM360 analyzed an Android application presented as a repackaged notes/IPTV-style app. The sample showed behavior consistent with a multi-component Android threat: a BTMOB-style remote access component and a mining-related communication path. Although this malware has been observed worldwide, this report specifically focuses on its emergence in Pakistan.
The strongest observations are BT-MOB identifiers, device enrollment traffic, installed-application inventory collection, screen and foreground-application telemetry, remote options for keylogging and notification harvesting, and a mining-related endpoint on port 8443.