Cypherratv3.5-new.zip · Full & Instant

Android (Primary target), though Windows-based control builders exist. Author: Syrian threat actor known as EVLF DEV .

Android Remote Access Trojan (RAT) / Banking Trojan. CypherRatV3.5-NEW.zip

Abuses Accessibility Services to extract two-factor authentication (2FA) codes from apps like Google Authenticator . Evasion and Persistence Android Malware Targets Financial Institutions | ERGOS Malware Profile Attackers can remotely control the victim's

This report analyzes the package, a variant of the potent CypherRat (also known as SpyNote.C) Remote Access Trojan (RAT). Originally developed by the threat actor EVLF DEV , this malware transitioned from a paid "Malware-as-a-Service" model to an open-source tool on GitHub , leading to a significant increase in global infections. Malware Profile Android (Primary target)

Attackers can remotely control the victim's camera, microphone, and GPS location .

CypherRat V3.5 and its variants are designed for comprehensive device surveillance and financial theft:

Specifically designed to bypass security by lifting passwords from social media apps like Facebook and Gmail.