Spynote is a Remote Access Trojan that initially surfaced in 2020. Since then, it has grown into one of Android's most common malware families, with multiple samples, integration of other RATs (e.g., CypherRat), and a large family of over 10,000 samples. There are numerous variants and integrations of other RATs, and since 2023, there has been a growing interest in financial institutions.
On 1 February 2024, analysts found a malicious sample posing as a legitimate crypto wallet that included th