New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
10.10.2025
15175
ClayRat Android spyware uses fake apps and Telegram to steal data and spread via contacts.
🚨 Spyware Alert: ClayRat is hunting Android users through fake apps
New ClayRat spyware is going after Android users by disguising itself as fake WhatsApp and TikTok apps—stealing your data and spreading through your contacts like digital wildfire.
This isn't your average malware—ClayRat uses Telegram as its command center to exfiltrate everything from your messages and contacts to your location and media files. Once it's in, it auto-spreads by messaging your entire contact list with infected links.
- • Fake WhatsApp and TikTok apps as primary infection vectors
- • Uses Telegram for C2 communication and data exfiltration
- • Steals messages, contacts, location data, and media files
- • Auto-spreads through contact lists via malicious links
- • Targets Android devices specifically
The spyware operates with deep system access, making it capable of real-time surveillance and data harvesting. Security researchers have flagged this as part of a growing trend of mobile-focused cybercrime operations that leverage legitimate platforms like Telegram for malicious purposes.
Stay safe: Only download apps from official stores, check app permissions carefully, and be wary of unsolicited messages—even from known contacts. This is why we can't have nice things in the mobile security space.
#WhatsApp malware#malware#data theft#fake applications#Android spyware
Got a topic? Write to ATLA WIRE on Telegram:t.me/atla_community
