cybersecurity researchers have uncovered a new and sophisticated mobile spyware platform being actively marketed to potential buyers. The malware, known as ZeroDayRAT, is designed to steal sensitive information and enable real-time surveillance on both Android and iOS smartphones, posing a significant threat to personal and corporate data security worldwide.

Spyware Sold Openly on Messaging Platform

The discovery was detailed by security analysts who found the spyware being advertised on the Telegram messaging service. The platform’s developer maintains dedicated channels for sales, customer support, and providing regular updates to the malicious software. This structure offers buyers a centralized access point to a fully operational surveillance tool.

ZeroDayRAT represents a concerning trend of commercial spyware being commoditized and sold with professional customer service. This lowers the barrier to entry for malicious actors who may lack technical expertise, enabling them to conduct sophisticated espionage.

Capabilities and Potential Impact

The spyware’s advertised features are extensive. It is promoted as a tool capable of capturing a wide array of sensitive data from infected devices. This includes real-time location tracking, intercepting calls and messages, accessing photos and videos, and harvesting login credentials from various applications.

By functioning on both major mobile operating systems, the threat’s potential reach is global. Security experts warn that such tools are often used for corporate espionage, stalking, or political surveillance, putting individuals, executives, and activists at severe risk.

A Growing Commercial Spyware Market

The emergence of ZeroDayRAT highlights the expanding underground market for surveillance-for-hire services. These platforms are frequently updated to evade detection by mobile security software and operating system defenses.

Researchers note that the professional presentation, including sales and support channels, mimics legitimate software companies. This commercial approach makes powerful spying capabilities more accessible than ever before.

Protection and Official Response

Security professionals advise mobile users to protect themselves by only installing applications from official app stores, keeping device operating systems updated, and being cautious of clicking links or opening attachments from unknown sources. The use of reputable mobile security software is also recommended.

Cybersecurity firms are analyzing the spyware’s code to develop detection signatures. They are also notifying relevant platform vendors, including Google and Apple, to aid in mitigating the threat through their respective security ecosystems.

Industry analysts expect further technical details about ZeroDayRAT’s infection methods and command-and-control infrastructure to be released in the coming weeks. Law enforcement agencies in multiple countries are likely to monitor the sales channels as part of broader efforts to combat the commercial spyware trade.

Source: Cybersecurity Research Reports