Mirax Android RAT: Meta Ads Push SOCKS5 Proxy Malware
A new Android remote access trojan, dubbed Mirax, is actively making the rounds, primarily targeting Spanish-speaking regions. According to The Hacker News, this campaign has leveraged Meta’s advertising platforms—Facebook, Instagram, Messenger, and Threads—to reach a staggering 220,000 accounts.
Mirax isn’t just a basic info-stealer; The Hacker News reports it comes packed with advanced RAT capabilities. This allows threat actors to gain full, interactive control over compromised devices. The real kicker? It turns these compromised Android devices into SOCKS5 proxies, effectively weaponizing user devices to anonymize malicious traffic. This tactic makes attribution a nightmare and expands the attackers’ operational infrastructure significantly.
What This Means For You
- If you're in a Spanish-speaking country and use Meta platforms, you might be targeted. This isn't just about data theft; your device could become a node in a cybercrime network. Be extremely wary of ads, even on trusted platforms. Always scrutinize app permissions and stick to official app stores. If you suspect compromise, disconnect from the network and perform a factory reset.
Related Posts
JanaWare Ransomware: Turkish Citizens in the Crosshairs
The cybercriminal landscape is a constantly shifting beast, and new ransomware strains are always emerging. According to The Record by Recorded Future, a new player...
Microsoft Drops Windows 10 Extended Security Update
Microsoft has rolled out the Windows 10 KB5082200 extended security update, a critical patch addressing vulnerabilities initially slated for the April 2026 Patch Tuesday. According...
McGraw-Hill Confirms Breach via Salesforce Misconfig
Education giant McGraw-Hill has confirmed a data breach following an extortion attempt, as reported by BleepingComputer. The incident, which saw hackers gain access to internal...