A new Python-based malware has been spotted in the wild featuring remote access trojan (RAT) capabilities to give its operators control over the breached systems.

Device manufacturers use “platform certificates” to verify an app’s authenticity, making them particularly dangerous in the wrong hands.

The malware, called TorrentLocker, popped up last month, targeting users in Australia, according to iSight Partners, a security consultancy. It now appears to be also geo-targeting victims in the U.K.