ZeroDayRAT spyware targets Android and iOS devices via commercial toolkit
Summary
ZeroDayRAT is a new cross-platform spyware toolkit being sold on Telegram that targets both Android and iOS devices. It offers a range of capabilities, including data exfiltration, credential theft, and real-time surveillance, and lowers the barrier to entry for hackers seeking remote access to mobile devices.
IFF Assessment
The spyware's capabilities allow attackers to easily surveil and steal data from compromised devices, making it bad for defenders.
Severity
Defender Context
ZeroDayRAT represents a growing trend of commercially available spyware lowering the barrier to entry for attackers. Defenders should monitor network traffic for suspicious data exfiltration, educate users about phishing and malicious app installation, and implement robust mobile device management policies. Detecting and preventing the installation of such spyware is paramount.