Key findings from our analysis include:

Advanced Surveillance Capabilities:

• Utilizes technologies like WebRTC for real-time audio and video streaming.
• Abuses Accessibility Services to intercept user interactions.

Comprehensive Data Exfiltration:

• Collects and transmits a wide range of personal data, including messages, call logs, and location information.

Persistence Mechanisms:

• Employs techniques to remain active on the device, such as auto-start on boot and misuse of device administrator privileges.

Abuse of Legitimate Services:

• Utilizes Firebase Cloud Messaging to establish command and control channels, disguising its communications as legitimate traffic.

Indicators of Compromise (IoCs):

• Identified specific URLs, IP addresses, file hashes, and other artifacts associated with Celular 007.

Need for Collective Protection:

• Highlights the importance of collective defense strategies and community awareness to combat such invasive tools.