A growing cybersecurity threat has prompted experts to issue a strong warning for smartphone users, after a newly discovered spyware called ZeroDayRAT was found targeting both Android devices and Apple iPhones.
Security researchers said ZeroDayRAT is not a typical virus. It is a powerful remote access tool that allows attackers to gain near-total control of an infected phone within minutes. Once active, the spyware can secretly monitor users without their knowledge.
According to cybersecurity analysts, ZeroDayRAT is being sold online as a ready-to-use toolkit. This has made it easier for criminals to carry out attacks without advanced technical skills. After purchasing the tool, attackers simply spread phishing links. The moment a user clicks on one of these links, the spyware installs silently and begins operating in the background.
Investigators said the ZeroDayRAT malware can activate the phone’s camera and microphone, record the screen, track real-time location, and read messages and notifications. Early findings also suggest that sensitive information from banking apps and crypto wallets may be stolen, exposing users to serious financial and privacy risks.
Experts warned that what makes ZeroDayRAT especially dangerous is its ease of use. Tools with such advanced surveillance capabilities were once limited to state-level operations. Their availability in underground markets now puts everyday smartphone users at risk.
Officials said the spyware is mainly spreading through fake messages, phishing emails, and malicious app links. These messages often pretend to be from banks, courier services, or trusted contacts to trick users into clicking.
The spyware is also hard to detect. Many users may not realise their phones are compromised for long periods. Possible warning signs include unusual battery drain, high data usage, overheating, or slow performance, symptoms that are often ignored.
Cyber experts stressed that prevention is critical. Users should avoid clicking on unknown links, install apps only from official app stores, and keep “unknown source” installations disabled. Regular software and security updates are also essential.
Experts advised extra caution with urgent or reward-based messages on social media and messaging apps. Any strange phone behaviour should trigger an immediate security scan. In serious cases, a factory reset may be required.
Authorities said investigations into ZeroDayRAT’s distribution are ongoing. Users who suspect compromise have been urged to disconnect from the internet, inform their bank if financial apps are affected, and seek professional help. Early action, officials said, remains the best way to limit damage.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
