BTMOB Android RAT Spreads Through No-Code Builder Tooling
BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures
No-code platforms can speed development but may introduce insecure workflows, excessive permissions, and data exposure when security controls are overlooked.
Search across headline titles and summaries.
Background for this topic.
No-code is software development through visual builders, forms, workflows, and pre-built components rather than hand-written application code. It lets non-specialists create internal tools, automate business processes, and connect services, while the platform usually operates the underlying runtime and infrastructure. The term can include low-code products, but this tag focuses on applications built with little or no custom programming.
Security risk often shifts from source-code flaws to configuration, identity, and data-flow decisions. A rapidly created app may expose sensitive records through excessive permissions, weak authentication, public sharing, or an unsafe third-party integration; embedded scripts, connectors, and uploaded secrets can also expand the attack surface. Security teams should maintain an inventory of no-code apps and their owners, review permissions and data retention, enforce approved connectors and secret handling, and assess vendor controls. Testing should cover authorization and workflow abuse, while logging and documented ownership support vulnerability remediation and incident response.
BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures