Experts Warn of Android Malware sold on Hacking Forum.

Cybersecurity researchers have exposed the operations of an Android malware vendor who teamed up with a second threat actor to market and sell a remote access Trojan (RAT) capable of device takeover and exfiltration of photos, locations, contacts, and messages from popular apps such as Facebook, Instagram, WhatsApp, Skype, Telegram, Kik, Line, and Google Messages.

“The product was a mobile RAT, targeting Android devices and capable of exfiltration of sensitive data from a C&C server, destroying local data – even deleting the entire OS, at times,” the researchers said.

he vendor, who goes by the name of “Triangulum” in a number of darknet forums, is alleged to have opened up shop to sell the malware three years ago on June 10, 2017, according to an analysis published by Check Point Research.