CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Cellik Android Malware-as-a-Service Leverages Google Play Apps

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground forums. It offers capabilities to embed malicious code into legitimate Google Play apps, creating trojanized versions that appear trustworthy. The malware can capture screen activity, intercept notifications, exfiltrate files, and communicate via encrypted channels. It is sold for $150/month or $900 for lifetime access. Cellik's ability to integrate with Google Play apps may help it bypass Play Protect, although this claim is unconfirmed. The malware can overlay fake login screens, inject malicious code into apps, and turn trusted apps rogue. Users are advised to avoid sideloading APKs, keep Play Protect active, review app permissions, and monitor for unusual activity.

Timeline

  1. 17.12.2025 00:59 1 articles · 22h ago

    Cellik Android Malware-as-a-Service Discovered

    A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground forums. It offers capabilities to embed malicious code into legitimate Google Play apps, creating trojanized versions that appear trustworthy. The malware can capture screen activity, intercept notifications, exfiltrate files, and communicate via encrypted channels. It is sold for $150/month or $900 for lifetime access. Cellik's ability to integrate with Google Play apps may help it bypass Play Protect, although this claim is unconfirmed. The malware can overlay fake login screens, inject malicious code into apps, and turn trusted apps rogue. Users are advised to avoid sideloading APKs, keep Play Protect active, review app permissions, and monitor for unusual activity.

    Show sources
    Open in new tab

Information Snippets