A new Android malware called Mirax RAT has been targeting users across Europe through malicious ads on Facebook and Instagram, reaching more than 200,000 users with fake IPTV app promotions. The sophisticated remote access trojan not only steals credentials and allows full device control, but can also turn infected phones into residential proxy nodes for routing malicious traffic. Security firm Cleafy warns that while primarily used by Russian-speaking cybercriminals against European targets, the malware's proxy capability represents a concerning new threat to banks and other institutions.