Someone's Watching Your Phone Right Now. Maybe.
You unlock your phone, check your bank balance, scroll through texts, snap a photo of your kid. Normal stuff. Private stuff.
Now imagine someone else seeing all of that. In real time.
That's not science fiction. It's a spyware toolkit called ZeroDayRAT, and security researchers just flagged it as one of the most complete mobile surveillance platforms they've ever seen. It works on iPhones. It works on Androids. And it's being sold openly on Telegram to anyone with a credit card.
Let me say that again — you don't need to be a hacker to use this thing. You just need to know where to buy it.
Once it's on your phone, the attacker gets a dashboard — think of it like a control panel for your entire digital life. They can read your texts, see your notifications, watch which apps you open, and track how long you spend in each one. They can turn on your camera. They can turn on your microphone. They can watch your screen while you type your banking password.
It even builds a timeline of your daily habits. Who you talk to. When you're most active. When you're asleep.
If that doesn't make your skin crawl, read it again.
This isn't just surveillance for kicks. ZeroDayRAT specifically targets banking apps, Apple Pay, PayPal — the apps where your money lives. It intercepts banking notifications and can even hijack cryptocurrency transfers by swapping wallet addresses when you copy and paste.
You think you're sending crypto to your buddy. You're sending it to some guy in a basement halfway around the world.
The way it gets on your phone is the same way most malware does — you let it in. A sketchy app you sideloaded. A link you tapped in a text message. A "security update" that wasn't really a security update.
There's a reason Apple doesn't want you installing apps from outside the App Store, and Google is tightening the reins on Android sideloading too. The official app stores aren't perfect, but they're a whole lot better than downloading random files from the internet.
Here's the part that keeps me up at night.
How many of your employees use their personal phone for work email? For Teams? For two-factor authentication? If one of those phones gets compromised, the attacker isn't just in their personal life — they're in your company. Reading emails. Intercepting login codes. Watching screens during confidential meetings.
Most small businesses don't have a mobile device policy. They don't think about it until something goes wrong. And by then, "going wrong" means someone's watching everything through your employee's pocket.
Your phone gives you clues. You just have to pay attention.
Battery draining way faster than normal? Phone running hot when you're not even using it? Data usage spiking for no reason? Apps you don't remember installing? Your camera or microphone indicator lighting up when it shouldn't be?
Any one of those is worth investigating. All of them together? Back up your photos and contacts, factory reset the phone, and start fresh. Don't restore from a backup that might carry the infection right back in.
Stick to official app stores. Period. That "free" app your coworker found on some website isn't worth the risk.
Keep your phone updated. Those annoying software updates patch the exact kind of holes that spyware exploits.
Watch for weird behavior. Trust your gut — if your phone is acting strange, something might be strange.
If you run a business, have a conversation about mobile security. It doesn't have to be complicated. Start with the basics: don't sideload apps, use strong passwords, enable two-factor authentication on everything.
And if something feels really wrong — your accounts are getting hit, your phone is doing things on its own — disconnect it from WiFi and cellular immediately, change your passwords from a different device, and call a professional.
That's what we're here for.
Sparrowhawk Technology — Making your technology safe and easy to use.
