I smell a RAT — new Android malware can hack every top phone maker's security, and costs less than a second-hand iPhone
Summary
Oblivion, a sophisticated Android RAT, circumvents permissions, intercepts messages, and grants hidden remote control over devices from major brands like Samsung, Xiaomi, and OPPO, raising significant concerns about mobile security and user privacy.
Key Insights
What is a RAT and how does Oblivion differ from typical malware?
A Remote Access Trojan (RAT) is malware that grants attackers hidden, full remote control over a device, allowing actions like intercepting messages and keystroke logging without user awareness. Oblivion stands out by automating permission bypasses, such as Accessibility Service, using a point-and-click builder for easy deployment, and targeting Android 8-16 across brands like Samsung and Xiaomi.[1][2]
Sources:
[1]
How does Oblivion bypass Android security features like Accessibility Service?
Oblivion automatically grants itself Accessibility Service permissions without user interaction, evading restrictions on major interfaces like Samsung One UI and Xiaomi HyperOS, even on Android 16. It uses stealth modes, fake update droppers mimicking Google Play, and Screen Reader functionality to bypass black-screen protections in banking apps.[1][2][3]