SecurityWeek reports that novel commercial spyware toolkit ZeroDayRAT could be leveraged to enable total remote compromise of both Android and iOS devices. Installation of ZeroDayRAT, which has been distributed on Telegram since Feb. 2, facilitates not only victim and device profiling, location tracking, and app usage monitoring but also live camera streaming and microphone and screen recording, an analysis from iVerify showed. In addition to a keylogger that captures gestures and biometric unlocks, ZeroDayRAT features a cryptocurrency stealer that enables continuous clipboard injections and a bank stealer that targets banking credentials. Disrupting ZeroDayRAT was regarded as a significant challenge due to difficulties in identifying its creator and its lack of a central server. "Every operator runs their own instance, so you're playing whack-a-mole against individual infrastructures. The Telegram sales channel is the most visible chokepoint, but Telegram takedowns are slow, and even if it happens, the developers just spin up a new channel," said iVerify research fellow Daniel Kelley.




