Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

ZeroDayRAT mobile spyware advertisement

Malware Activity
First reported
Last updated
Happening score
H score 16
2 unique sources, 2 articles

Summary

Hide ▲

The ZeroDayRAT mobile spyware platform is being advertised on Telegram as a commercial toolkit for Android and iOS devices, with support for Android 5 through 16 and iOS up to 26. Researchers say it combines real-time surveillance, OTP capture, keylogging, camera and microphone access, and financial theft features such as wallet and bank-app abuse. The offering uses a builder and self-hosted panel, lowering the barrier for operators to monitor victims and steal sensitive data from infected devices.

Related Happenings

BTMOB Android RAT no-code builder malware activity

Malware Activity
First: 26.05.2026 17:00 Last: 26.05.2026 17:00 Sources 1

About this happening: The **BTMOB** Android RAT is spreading through **phishing campaigns** across **Brazil and beyond**, raising the risk of **custom payload delivery** and **remote device takeover**....

Open Happening

AI-driven attack surge against customer-facing mobile apps in 2026

Target Trend
First: 19.05.2026 15:00 Last: 19.05.2026 15:00 Sources 1

About this happening: **Customer-facing mobile apps** faced a sharp rise in attacks in **2026**, with **87%** of monitored apps hit versus **55% in 2022**. The trend matters because **agentic AI** is l...

Open Happening

Google rolls out Android Intrusion Logging in Android Advanced Protection Mode

Security Tool/Service
First: 14.05.2026 16:30 Last: 14.05.2026 16:30 Sources 1

About this happening: Google has released **Android Intrusion Logging** for **Android Advanced Protection Mode**, giving **high-risk Android users** encrypted forensic logs to investigate suspected **s...

Open Happening

Android Intrusion Logging forensic logging rollout for spyware investigations

Security Tool/Service
First: 13.05.2026 09:55 Last: 13.05.2026 09:55 Sources 1

About this happening: **Android** is adding **Intrusion Logging**, an opt-in forensic feature in **Advanced Protection Mode** that preserves device and network activity for suspected spyware compromise...

Open Happening

Android 17 expands platform security and privacy protections

Security Tool/Service
First: 12.05.2026 20:00 Last: 12.05.2026 20:00 Sources 1

About this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...

Open Happening

Timeline

  1. 10.02.2026 15:00 3 articles · 3mo ago

    ZeroDayRAT advertised as mobile spyware for Android and iOS

    Initial Disclosure

    ZeroDayRAT is advertised to cybercriminals on Telegram as a commercial mobile spyware toolkit for compromised Android and iOS devices, and iVerify says it can enable real-time surveillance, OTP capture, keylogging, camera and microphone access, screen recording, clipboard address injection, and financial theft against the affected device user.

    Show sources
    Open in new tab