Jump to content




This Aggressive Spyware Is Targeting Both Android and iOS Devices

  •
ResidentialBusiness
in Setting Up Your Home Office

Featured Replies

Threat actors don't have to work that hard to obtain sophisticated malware to deploy against unsuspecting targets. A new spyware platform known as ZeroDayRAT is reportedly being sold on Telegram, complete with customer support and updates.

According to mobile security company iVerify, this aggressive spyware grants full remote control over devices running Android 15 through 16 and iOS versions up to iOS 26. Once deployed, it allows everything from user profiling and location tracking to live surveillance and financial theft.

What ZeroDayRAT can gather from your device

This spyware has wide-ranging capabilities that, according to iVerify, have traditionally been found on platforms sponsored by state actors. Here's a look at what ZeroDayRAT can do:

  • Collect information about the device, such as model, OS, battery, country, lock status, SIM and carrier info, app usage, live activity, and SMS message previews. This allows threat actors to develop user profiles for further targeting.

  • Pull GPS coordinates, capture notifications from apps and systems, and harvest account information, such as usernames and emails.

  • Send SMS messages and receive verification codes to bypass two-factor authentication.

  • Log keystrokes (including biometric unlocks, gestures, and app launches), access the camera and microphone, and screen record.

  • Log crypto wallet addresses and target banking and payment app credentials via overlay attacks.

How to protect against spyware

ZeroDayRAT can infect your device only if a malicious binary—an APK on Android or iOS payload—is downloaded and installed. These may be distributed through phishing, such as links sent via emails, texts, or messaging platforms, as well as in fake app stores.

All standard guidance for avoiding scams and malware applies: never click links in unsolicited communication, including conversations in apps like Telegram and WhatsApp, and only download apps and extensions from official, trusted sources.

Users at high risk of being targeted and anyone who wants an extra layer of security can consider enabling Lockdown Mode (iOS) or Advanced Protection (Android).

View the full article
Go to topic listing




Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

Account

Navigation

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.