As remote work continues, remote collaboration platforms are being targeted by cyber criminals. Meanwhile, other platforms are being used on smartphones to transfer data securely. In the midst of this, a Rogue RAT trojan is being used to steal data from android devices, to deliver further payloads and to takeover the device remotely. Researchers detail Rogue RAT which exploits Google’s Firebase development platform, targets Android devices to exfiltrate personal data and can deliver other malware, which provides even low-level cybercriminals with the ability to read your messages, steal your passwords, and even record your calls. A new combination of two older types of malware, which provides hackers with access to almost everything a user does on an Android smartphone, is up for sale on underground forums for as little as $29.99. The ‘Rogue’ remote administration tool (RAT) infects victims with a keylogger, allowing attackers to easily monitor the use of websites and apps in order to steal usernames and passwords, as well as financial data. Once a hacker uses the Trojan, portrayed to victims as a legitimate app, to infect a device, the malware can exfiltrate data, such as photos, location information, contacts and messages. It also can download additional malicious payloads, including mobile ransomware. Moreover, when Rogue successfully gains all of the required permissions on the targeted device, it hides its icon from the device’s user to ensure it will not be easy to get rid of it. If all of the required permissions are not granted, it will repeatedly ask the user to grant them. If the user tries to revoke the admin permission, an onscreen message designed to strike terror in the heart of the user appears: ‘Are you sure to wipe all the data?’ The Rogue RAT takes advantage of a targeted device’s Android Accessibility Services, which are designed to assist users with disabilities. These services generally run in the background but can access apps and other components within an Android device. By accessing these services, hackers can gain control over a device without the victim knowing.