cellik
Cellik is an Android malware offering advertised on the dark web. Based on the provided content, it is positioned as a malware service with remote access trojan capabilities and is sold for a starting price of $150 for one month or $900 for a lifetime licence. Reported capabilities include real-time screen streaming, keylogging, remote camera and microphone access, data wiping, hidden web browsing, notification interception, app overlays to steal credentials, and a one-click APK builder that can bundle its payload with legitimate Google Play apps. The content describes Cellik as part of a broader trend of professionally engineered Android malware families. No high-confidence attribution to a specific threat actor, subgroup, or nation state is provided in the content. Known alias in the content: cellik.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Recent activity
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.