We’ve said this time and time again, but you have to be vigilant about links sent by unknown senders, suspicious email attachments, and downloading apps outside of authorized app stores. According to the folks at iVerify, they have discovered a new malware called ZeroDayRAT that is targeting both Android and iOS devices, with the ability to steal your money.
How ZeroDayRAT gets onto iOS and Android
ZeroDayRAT isn’t some basic piece of malware that serves you annoying ads. According to iVerify’s findings, it’s a full-blown spyware platform that’s being sold openly on Telegram. Buyers get access to a control panel that gives them complete remote access to a victim’s phone. We’re talking about Android 5 through 16 and iOS up to 26, including the iPhone 17 Pro. The scariest part is you don’t need any technical skills to use it.
The most common way ZeroDayRAT infects a device is through smishing. Phishing emails, fake app stores, and links shared over WhatsApp or Telegram can also do the trick. Once it’s installed, the operator can see just about everything. Your device model, OS version, carrier info, SIM details, app usage, and a live timeline of your activity are all visible from a single screen.Â
The spyware also intercepts your text messages, which means SMS-based two-factor authentication is basically useless. If your bank sends you a one-time code, the attacker sees it too. As if that wasn’t bad enough, ZeroDayRAT includes a live surveillance tab that can stream your phone’s front or back camera in real time, record your screen, and listen through your microphone.Â
There’s also a keylogger that captures every single thing you type, complete with timestamps and which app you were using. An attacker can literally watch what you’re doing on your phone while reading every keystroke at the same time.
ZeroDayRAT can also steal your money
In addition to the things we mentioned above, ZeroDayRAT also comes with two separate modules designed to go after your finances. The first is a crypto stealer that scans for wallet apps like MetaMask, Trust Wallet, Binance, and Coinbase. It logs wallet addresses and balances, and it can quietly swap out copied wallet addresses with the attacker’s.
The second module targets banking apps and platforms like PhonePe and Google Pay, Apple Pay and PayPal. It uses overlay attacks to steal your login credentials. That means ZeroDayRAT can go after both your bank accounts and crypto wallets from the same panel.
So, how do you protect yourself? For starters, never click on links from unknown senders. You should also avoid downloading apps from outside the Google Play Store or Apple App Store, and keep your phone’s software up to date.
The post A new spyware called ZeroDayRAT is going after Android and iOS users, and it’s nasty appeared first on Android Headlines.
​Â
