A new iteration of the Mandrake spyware has been discovered, infecting over 32,000 devices via applications on Google Play. The spyware, analyzed by Kaspersky researchers, remained undetected for two years by using advanced obfuscation, evasion tactics, and secure communication methods. The infected apps, including one with over 30,000 installations, concealed malicious functions in native libraries and used a multi-stage infection chain to steal user credentials and deploy additional malware. This sophisticated approach highlights the evolving nature of mobile threats and the need for stricter app marketplace controls.