ZeRAT Alert: Cyber Experts Warn of Sophisticated New Phishing Campaign
Cybersecurity experts have issued an urgent warning regarding a highly sophisticated phishing campaign delivering the ZeroDayRAT (ZeRAT) malware, an enterprise-grade mobile surveillance framework and remote access trojan. First identified as a significant threat in early 2026, this campaign has evolved to use AI-driven infrastructure and automated multi-stage tactics to bypass traditional security filters and compromise corporate networks.
The Evolution of the ZeRAT Threat
Originally marketed for approximately $2,000 on platforms like Telegram, ZeRAT has transitioned from a standard remote access trojan into a fully packaged enterprise compromise kit. The current campaign is notable for its use of “Phishing 3.0” tactics, which blend multiple communication channels to build trust.
Multi-Channel Social Engineering: Attackers often begin with a benign-looking email or a “branded” invitation to a private workspace (like Slack), complete with fabricated conversation histories to appear authentic.
AI-Enhanced Deception: The campaign leverages generative AI to craft natural-sounding messages and even synthetic identities—including deepfake voice clips—to impersonate executives or trusted vendors.
Technical Sophistication: The malware utilizes fileless techniques and PowerShell scripts to execute payloads in memory, making it extremely difficult for traditional antivirus software to detect.
Key Attack Vectors in 2026
The ZeRAT campaign exploits several modern vulnerabilities that have surged in popularity throughout the first half of 2026: