Check Point exposes Android malware vendor using dark net to rebrand products 13 Jan 2021 Check Point security researchers have exposed an Android malware vendor using a marketer on the dark net to rebrand its products, with the intention of supercharging business and throwing off security vendors. The malware vendor, which goes by the name “Triangulum”, first joined the dark net in early 2017. Triangulum’s initial product was a mobile RAT (remote access trojan), capable of data exfiltration from C&C servers and destroying local data – even deleting entire operating systems. Four months later, Triangulum began to offer its first android malware for sale, Check Point says.