The Reveal Platform
Intel Name: Spymax android malware
Date of Scan: June 27, 2025
Impact: Medium
Summary: A variant of the Android-based Remote Access Trojan (RAT) known as SpyMax is currently being distributed through social engineering campaigns. Cybercriminals are targeting mobile users by spreading fake apps—such as counterfeit versions of Telegram or wedding invitation apps—via messaging platforms like WhatsApp. These malicious apps are disguised as legitimate software to trick users into granting extensive permissions. Once installed, the malware gives attackers full control over the infected device and exfiltrates sensitive data including contacts, SMS messages, banking OTPs, and notification content to a remote attacker-controlled server.
