iVerify researchers have uncovered HyperRat, a new Android remote-access trojan offered as malware-as-a-service that lets subscribers control infected phones without coding, HackRead reports. Buyers receive a custom malicious APK and a web control panel that lists compromised devices by number and IP, opens VNC sessions, exfiltrates call/SMS logs, manages permissions, and sends mass phishing messages from victims SIMs. HyperRat can enumerate installed apps to generate convincing phishing overlays, bypass battery optimizations, persist after reboot, and operate a SOCKS5 proxy. Operators can also use a built-in APK builder to spoof apps, hide icons, and enable remote access, while Telegram bot integration provides covert alerts and command channels. Marketed in Russian-language forums, HyperRat follows a trend of subscription Android toolkits, like PhantomOS and Nebula, that lower the technical barrier for mobile espionage and credential theft. iVerify warns users to avoid sideloading APKs, review app permissions and default SMS handlers, and scrutinize accessibility-service requests to reduce exposure to these automated mobile threats.
