New Mobile Spyware Sold at Low Prices on Social Media
Note: AI technology was used to generate this article's audio.
- ZeroDayRAT Enables Easy Spying and Financial Theft
- Marketed at Low Prices on Telegram, Targeting Android and iPhone
The cybercrime landscape is rapidly evolving with the expansion of the so‑called “malware‑as‑a‑service” model, making sophisticated attacks accessible even to non‑experts.
Researchers have uncovered a new mobile spyware tool known as ZeroDayRAT, which is being openly sold on Telegram and allows almost anyone to monitor victims and steal their money with ease.
According to the investigation, the software targets both Android and iPhone devices. It is promoted with demo videos, price lists, and even escrow payment services to appear legitimate and trustworthy.
The attack typically begins when a victim receives a fake text message containing what appears to be an app update or a link to an official store. Similar deceptive links are also distributed through WhatsApp or fraudulent app marketplaces.
Once installed, the attacker gains access to a browser‑based control panel that provides full visibility into the victim’s device, including phone model, battery level, installed apps, call logs, messages, and even movement history.
The spyware goes far beyond basic data theft. It enables real‑time location tracking via Google Maps, secretly activates the camera and microphone, records the screen, and captures everything typed on the keyboard — including passwords and security codes.
Its most dangerous feature lies in targeting financial applications. The tool can scan cryptocurrency wallets and replace transaction addresses with ones controlled by the attacker. It also uses fraudulent methods to intercept banking verification codes and exploit digital payment services.
Access to the spyware is sold for prices starting at $250 per day and reaching $3,500 per month, putting it within reach of a wide range of cybercriminals.
Experts urge users to remain cautious by avoiding suspicious links sent via text messages or messaging apps, refraining from relying solely on SMS verification codes, using authentication apps or hardware security keys whenever possible, and installing advanced mobile security solutions rather than depending only on basic antivirus software.