Craxs Rat May 2026

: Once installed, the malware uses Accessibility Services to grant itself extensive permissions automatically. It also employs anti-deletion mechanisms, such as closing the "Uninstall" or "Device Admin" screens if a user tries to access them.

The primary goal of Craxs RAT is to grant an attacker full remote control over an infected device. Its feature set includes:

Craxs RAT is a sophisticated and dangerous Remote Access Trojan (RAT) designed specifically for the Android operating system. Developed by a threat actor known as , who is believed to be based in Syria, it has evolved from the leaked source code of Spymax (also known as SpyNote). Today, it is sold as "Malware-as-a-Service" (MaaS) on platforms like Telegram, providing cybercriminals with advanced tools to completely hijack mobile devices. Core Capabilities and Features craxs rat

: Silent recording of audio via the microphone, taking secret photos using both front and rear cameras, and tracking the device's live GPS location.

: Complete access to the file manager (download/upload), reading and sending SMS messages, and extracting contact lists and call logs. : Once installed, the malware uses Accessibility Services

The tool is marketed on specialized hacker forums and Telegram channels:

: Attackers can view the device screen in real-time at up to 60 FPS, perform gestures, and use the device's keyboard. Its feature set includes: Craxs RAT is a

: The developer released Craxs RAT v7.5 in April 2024, which introduced even more robust obfuscation and stealth features. A successor or related variant known as G700 RAT has also been identified, targeting financial and cryptocurrency environments. Pricing and Availability