Android Remote Access Trojan (RAT) / Banking Trojan.
Targets banking applications to steal credentials through keylogging and screen capturing via the MediaProjection API . CypherRatV3.5-NEW.zip
Source code is publicly available, enabling widespread customization by various criminal groups. Key Capabilities Android Remote Access Trojan (RAT) / Banking Trojan
Specifically designed to bypass security by lifting passwords from social media apps like Facebook and Gmail. Key Capabilities Specifically designed to bypass security by
Attackers can remotely control the victim's camera, microphone, and GPS location .
This report analyzes the package, a variant of the potent CypherRat (also known as SpyNote.C) Remote Access Trojan (RAT). Originally developed by the threat actor EVLF DEV , this malware transitioned from a paid "Malware-as-a-Service" model to an open-source tool on GitHub , leading to a significant increase in global infections. Malware Profile
CypherRat V3.5 and its variants are designed for comprehensive device surveillance and financial theft: