Hackers Hit Android and iPhone Users’ Bank Accounts, Launch Mobile Spyware Platform Triggering Total Device Takeover

Hackers have recently introduced a highly advanced mobile spyware platform known as ZeroDayRAT, which has the capability to completely compromise both Android and iOS devices. According to researchers at iVerify, this platform is currently being sold on Telegram, providing criminals with a sophisticated web dashboard to take full control of smartphones running Android versions 5 through 16 and iOS up to version 26, including the latest iPhone 17 Pro.

The ZeroDayRAT spyware is designed to collect a wide range of sensitive information from targeted devices. It captures live GPS location data along with historical locations, intercepts notifications from apps ranging from popular messengers like WhatsApp to sensitive applications such as banking and cryptocurrency platforms, and retrieves comprehensive lists of the accounts stored on the device. It can also read and send SMS messages, including one-time passwords, which lets attackers bypass two-factor authentication.

Daniel Kelley, a researcher at iVerify, explained to SecurityWeek that the ZeroDayRAT platform operates in a decentralized manner, meaning there is no central server that authorities can track. The spyware is being advertised in multiple languages, including Portuguese, Russian, Chinese, Spanish, and English, indicating a global reach and potential impact on users worldwide.

In addition to its data collection capabilities, ZeroDayRAT includes a crypto stealer that continuously monitors the device’s clipboard for cryptocurrency addresses, allowing cybercriminals to steal funds whenever the victim attempts to make a transaction. For potential victims, unauthorized outbound transactions to unfamiliar addresses are a warning sign of this activity. The spyware also includes a bank stealer component that harvests login credentials rather than directly initiating transfers, which makes unauthorized access harder for users to detect until it’s too late.

The distribution of this malware typically occurs when unsuspecting victims click on malicious links sent through smishing texts, phishing emails, fake app stores, or links shared on messaging platforms like WhatsApp and Telegram. To protect themselves from such threats, researchers advise users to avoid clicking on unsolicited links and to only download apps from official app stores to reduce the risk of infection.

In conclusion, the emergence of the ZeroDayRAT spyware highlights the ongoing challenges posed by malicious actors targeting mobile devices. By staying vigilant and following best practices for mobile security, users can minimize the risk of falling victim to these sophisticated attacks.
