Cybercriminals are increasingly leveraging advanced malware to exploit unsuspecting users. A newly identified spyware platform, dubbed ZeroDayRAT, has been reported as available for purchase on messaging platforms like Telegram, complete with user support and regular updates.
According to the mobile security firm iVerify, this formidable spyware can gain full control of devices operating on Android versions 15 to 16 and iOS up to version 26. Once it infiltrates a device, it can perform a variety of intrusive actions, including user profiling, location tracking, live surveillance, and even financial theft.
Capabilities of ZeroDayRAT
This spyware exhibits a range of functionalities that were once primarily associated with state-sponsored cyber operations. Here's a breakdown of what ZeroDayRAT can do:
Gather detailed device information, including model, operating system, battery status, country of origin, lock status, SIM and carrier details, app usage statistics, real-time activities, and SMS message previews. This data enables attackers to create comprehensive user profiles for targeted attacks.
Extract GPS coordinates, capture notifications from applications and systems, and collect account details such as usernames and email addresses.
Send SMS messages and intercept verification codes, potentially bypassing two-factor authentication measures.
Record keystrokes (including biometric unlocks, gestures, and app launches), access the device's camera and microphone, and conduct screen recordings.
Log cryptocurrency wallet addresses and target banking and payment application credentials through overlay attacks.
Protecting Yourself from Spyware
ZeroDayRAT can only compromise your device if a malicious binary (either an APK on Android or an iOS payload) is downloaded and installed. These harmful files may be disseminated through phishing tactics, such as links sent via email, text messages, or messaging applications, as well as through counterfeit app stores.
To safeguard against scams and malware, adhere to standard precautions: avoid clicking on links in unsolicited communications, including messages on apps like Telegram and WhatsApp, and ensure that you only download applications and extensions from reputable, official sources.
Individuals at heightened risk of targeting, or those seeking additional security, may want to enable Lockdown Mode on iOS or Advanced Protection on Android for enhanced safety.
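For Android, the advice above about installation sources can be checked after the fact. The following is an added example, not code from iVerify or from this article: it parses captured adb output and lists apps that were not installed by an official store and hold several of the permissions behind the capabilities described earlier. The trusted-installer set, the permission mapping, the threshold and the package names are assumptions of this example, and a match is a prompt for review, not a ZeroDayRAT signature.

```python
import re

# Assumption: only Google Play counts as an official installer; extend per fleet.
TRUSTED_INSTALLERS = {"com.android.vending"}
# Assumption: runtime permissions this example maps to capabilities listed above.
SENSITIVE = {
    "android.permission.READ_SMS": "SMS previews and verification codes",
    "android.permission.RECEIVE_SMS": "SMS interception",
    "android.permission.SEND_SMS": "sending SMS",
    "android.permission.CAMERA": "camera access",
    "android.permission.RECORD_AUDIO": "microphone access",
    "android.permission.ACCESS_FINE_LOCATION": "GPS tracking",
}
PKG_RE = re.compile(r"^package:(\S+)\s+installer=(\S+)", re.M)
GRANT_RE = re.compile(r"^\s*(android\.permission\.[A-Z_]+): granted=true", re.M)

def sideloaded(pm_list_output, trusted=TRUSTED_INSTALLERS):
    """Map package -> installer for apps not installed by a trusted store."""
    return {p: i for p, i in PKG_RE.findall(pm_list_output) if i not in trusted}

def audit(pm_list_output, dumpsys_by_pkg, min_hits=3):
    """Return (package, installer, granted sensitive permissions) worth review."""
    findings = []
    for pkg, installer in sorted(sideloaded(pm_list_output).items()):
        granted = set(GRANT_RE.findall(dumpsys_by_pkg.get(pkg, "")))
        hits = sorted(granted & set(SENSITIVE))
        if len(hits) >= min_hits:  # one sensitive grant alone is common and noisy
            findings.append((pkg, installer, hits))
    return findings

# Constructed sample input (hypothetical package names), shaped like the output of
# `adb shell pm list packages -i -3` and `adb shell dumpsys package <name>`.
SAMPLE_PM = """package:com.example.notes installer=com.android.vending
package:com.example.flashlight installer=null
package:com.example.updater installer=com.google.android.packageinstaller
"""
SAMPLE_DUMPSYS = {
    "com.example.flashlight": "      android.permission.CAMERA: granted=true\n",
    "com.example.updater": """    runtime permissions:
      android.permission.READ_SMS: granted=true, flags=[ USER_SET ]
      android.permission.RECEIVE_SMS: granted=true, flags=[ USER_SET ]
      android.permission.RECORD_AUDIO: granted=true, flags=[ USER_SET ]
      android.permission.CAMERA: granted=false, flags=[ USER_SET ]
""",
}

if __name__ == "__main__":
    for pkg, installer, hits in audit(SAMPLE_PM, SAMPLE_DUMPSYS):
        print(f"{pkg} (installer={installer})")
        for perm in hits:
            print(f"  {perm}: {SENSITIVE[perm]}")
```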