A new commercial mobile spyware platform dubbed ZeroDayRAT is being advertised to cybercriminals on Telegram as a tool that provides full remote control over compromised Android and iOS devices.
The malware provides buyers with a full-featured panel for managing infected devices, reportedly supporting Android 5 through 16 and iOS up to version 26 latest.
Researchers at mobile threat hunting company iVerify say that ZeroDayRAT not just steals data but also enables real-time surveillance and financial theft.
The dashboard shows compromised devices and information about the model, operating system version, battery status, SIM details, country, and lock state.
Dashboard overview
Source: iVerify
The malware can log app usage, activity timelines, SMS message exchanges, and provides an overview to the operator.
Other tracking tabs on the dashboard display all received notifications, and also registered accounts on the infected device, showing email/user ID, potentially enabling brute-forcing and credential stuffing.
If GPS access is secured, the malware can also track the victim in real time and draw their current position on a Google Maps view, with full location history.
Tracking the victim in real time
... continue reading