{"id":227267,"date":"2025-12-17T01:30:07","date_gmt":"2025-12-17T07:30:07","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/12\/cellik-android-malware-builds-malicious-versions-from-google-play-apps"},"modified":"2025-12-17T01:30:07","modified_gmt":"2025-12-17T07:30:07","slug":"cellik-android-malware-builds-malicious-versions-from-google-play-apps","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/12\/cellik-android-malware-builds-malicious-versions-from-google-play-apps","title":{"rendered":"Cellik Android malware builds malicious versions from Google Play apps"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/cellik-android-malware-builds-malicious-versions-from-google-play-apps.jpg\"><\/a><\/p>\n<p>A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app available on the Google Play Store.<\/p>\n<p>Specifically, attackers can select apps from Android\u2019s official app store and create trojanized versions that appear trustworthy and keep the real app\u2019s interface and functionality.<\/p>\n<p>By providing the expected capabilities, Cellik infections can go unnoticed for a longer time. Additionally, the seller claims that bundling the malware this way may help bypass Play Protect, although this is unconfirmed.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app available on the Google Play Store. Specifically, attackers can select apps from Android\u2019s official app store and create trojanized versions that appear trustworthy and keep [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,1512],"tags":[],"class_list":["post-227267","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-mobile-phones"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/227267","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=227267"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/227267\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=227267"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=227267"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=227267"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}