PlayPraetor's evolving threat: How Chinese-speaking actors globally scale an Android RAT
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A large-scale Malware-as-a-Service operation, orchestrated by Chinese-speaking threat actors, has infected over 11,000 Android devices globally with the PlayPraetor Remote Access Trojan. The campaign primarily targets Europe, with significant presence in Portugal, Spain, and France, but also affects Africa, Latin America, and Asia. The botnet is expanding rapidly, with over 2,000 new infections weekly, focusing on Spanish and French speakers. The operation is managed through a sophisticated Chinese-language Command and Control panel, supporting multiple affiliates. PlayPraetor abuses Android's Accessibility Services to gain real-time control over compromised devices, targeting nearly 200 banking apps and cryptocurrency wallets worldwide.
OPENCTI LABELS :
rat,banking,botnet,android,cryptocurrency,maas,accessibility services,playpraetor
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
PlayPraetor's evolving threat: How Chinese-speaking actors globally scale an Android RAT