Get it off your phone urgently. He records you with his camera

The software was discovered by iVerify, a company that deals with cybersecurity issues. The information provided by the company shows that the malware runs on both Android and iOS, including the latest versions of both systems. He is also extremely dangerous.

ZeroDayRAT, as this is the name of the software, is advertised by an unknown developer using Telegram channels. This one is sold in the MaaS model, i.e. malware as a service. It provides interested parties with full infrastructure, including a management panel from which they can control the seized devices. It also promises full support and updates in the future.

Malware is mainly distributed through smishing campaignsi.e. fake SMS messages in which fraudsters impersonate well-known companies or institutions. In this way, they send potential victims links to download the malicious application. This one looks real at first glance, but in reality it is extremely dangerous.

Once the malware gets onto the phone, the attacker gains access to numerous data. These include:

• Phone information – model, operating system, battery status, SIM card operator or time of use of individual applications.
• Confidential data – contacts, SMS messages (including one-time codes), notifications, e-mail addresses assigned to individual accounts on various websites and services.

As if that wasn’t enough, ZeroDayRAT is also an advanced spying tool. A hacker may be tracking our location all the time. You can start recording with your phone’s camera or microphone at any time. In addition, it saves everything we type using the keyboard on the device in real time. He also has access to a preview of what is currently happening on the screen and can record it.

The malware was mainly designed to attack banking applications, cryptocurrency wallets, and financial services. After obtaining confidential data, the attacker can break into accounts and steal our money.

In summary, it is a complete toolkit for attacking mobile devices that previously required state investment or the development of special exploits, and is now sold on Telegram. The single buyer gets full access to the target device’s location, messaging, finances, camera, microphone, and keystrokes from a browser tab. Its cross-platform support and active development make it a growing threat to both individuals and organizations.

Unfortunately, there is no known list of applications that are used to infect the mobile devices of unaware users. Therefore, it is best to remove all apps that you have installed from unknown and unreliable sources. Remember to only use official stores, including Google Play and App Store. This may not be 100% certain, but the risk of becoming a victim of fraud is much lower.