Cyber Alert Issued as ZeroDayRAT Exploits Smartphone Users

New Digital Espionage Threat: ZeroDayRAT Targets Android And iPhone Users, Phones Can Be Hijacked In Seconds

The420 Web Desk

New Delhi: A serious cyber alert has been issued for smartphone users after security researchers detected a new and highly dangerous mobile spyware dubbed ZeroDayRAT, capable of compromising devices running Android as well as Apple iPhones. Experts say this is not a routine virus but a full-fledged remote access system that allows attackers to gain near-total control over a victim’s phone within moments of infection.

How the Infection Happens

According to cybersecurity analysts, ZeroDayRAT is being sold online as a ready-made toolkit, dramatically lowering the technical barrier for cybercrime. Criminals no longer need advanced coding skills—once the tool is purchased, they simply distribute phishing links. The moment a user clicks, the malware installs silently in the background and begins operating automatically.

Investigators said the spyware can activate the phone’s camera and microphone, record screens, track real-time location, and read messages and notifications. Early analysis also suggests that sensitive data from banking apps and crypto wallets may be exfiltrated, placing users at direct financial risk in addition to privacy breaches.

What Makes ZeroDayRAT Different

Security professionals warned that ZeroDayRAT has been designed for ease of use, allowing even small cyber gangs to deploy surveillance-grade capabilities. Until recently, such tools were largely confined to state-level agencies or sophisticated intelligence operations. Their availability in underground markets now marks a dangerous shift, exposing everyday mobile users to advanced digital spying.

Officials familiar with the probe said the malware is primarily spreading through fake messages, phishing emails and malicious app links. Many of these messages impersonate banks, courier services or known contacts to gain trust. Once the link is opened, the phone becomes infected without obvious warning signs.

Financial and Privacy Risks

What makes ZeroDayRAT particularly concerning is its stealth. Users may remain unaware for extended periods while their devices are actively monitored. Sudden battery drain, unusual data consumption, unexplained overheating or sluggish performance are among the few early indicators—symptoms most users tend to overlook.

Prevention: The First Line of Defence

Cyber experts stressed that prevention remains the strongest defence. Users are advised never to click on unknown links, install apps only from official app stores, and keep “unknown source” installations disabled. Regular operating system and security updates are critical, as manufacturers continue to roll out patches to counter emerging threats.

Specialists also urged caution with messages promising rewards, urgent alerts or time-sensitive actions on social media and messaging platforms. Any unusual phone behaviour—such as unfamiliar app permissions, persistent background activity or rapid battery depletion—should prompt an immediate security scan. In severe cases, a factory reset may be necessary to eliminate hidden malware.

Investigations Underway

Cybersecurity teams believe mobile-based attacks will intensify in the coming months, driven by the growing availability of turnkey hacking tools like ZeroDayRAT. With smartphones now deeply integrated into personal finance and digital identity, even minor lapses in vigilance could result in significant losses.

Authorities reiterated that users who suspect compromise should immediately disconnect from the internet, inform their bank if financial apps are involved, and seek professional technical assistance. Early detection, they said, remains the key to limiting damage.

Investigations into ZeroDayRAT’s distribution channels are ongoing, with experts tracking digital trails to identify sellers and operators behind the spyware ecosystem. Meanwhile, officials continue to urge citizens to treat every unsolicited link or download as a potential threat—because in today’s cyber landscape, a single click can cost far more than just data.
