Threat actors don’t have to work that hard to obtain sophisticated malware to deploy against unsuspecting targets. A new spyware platform known as ZeroDayRAT is reportedly being sold on Telegram, complete with customer support and updates.
According to mobile security company iVerify, this aggressive spyware grants full remote control over devices running Android 15 through 16 and iOS versions up to iOS 26. Once deployed, it allows everything from user profiling and location tracking to live surveillance and financial theft.
What ZeroDayRAT can gather from your device
This spyware has wide-ranging capabilities that, according to iVerify, have traditionally been found on platforms sponsored by state actors. Here’s a look at what ZeroDayRAT can do:
- Collect information about the device, such as model, OS, battery, country, lock status, SIM and carrier info, app usage, live activity, and SMS message previews. This allows threat actors to develop user profiles for further targeting.
- Pull GPS coordinates, capture notifications from apps and systems, and harvest account information, such as usernames and emails.
- Send SMS messages and receive verification codes to bypass two-factor authentication.
- Log keystrokes (including biometric unlocks, gestures, and app launches), access the camera and microphone, and screen record.
- Log crypto wallet addresses and target banking and payment app credentials via overlay attacks.
How to protect against spyware
ZeroDayRAT can infect your device only if a malicious binary (an APK on Android or a payload on iOS) is downloaded and installed. These may be distributed through phishing links sent via email, text, or messaging platforms, as well as through fake app stores.
All standard guidance for avoiding scams and malware applies: never click links in unsolicited communication, including conversations in apps like Telegram and WhatsApp, and only download apps and extensions from official, trusted sources.
Users at high risk of being targeted and anyone who wants an extra layer of security can consider enabling Lockdown Mode (iOS) or Advanced Protection (Android).
Original Source: https://lifehacker.com/tech/aggressive-spyware-targeting-android-ios-devices?utm_medium=RSS
