Craxs Rat !!top!! -

: Silent recording of audio via the microphone, taking secret photos using both front and rear cameras, and tracking the device's live GPS location.

The primary goal of Craxs RAT is to grant an attacker full remote control over an infected device. Its feature set includes:

: Once installed, the malware uses Accessibility Services to grant itself extensive permissions automatically. It also employs anti-deletion mechanisms, such as closing the "Uninstall" or "Device Admin" screens if a user tries to access them. craxs rat

: Complete access to the file manager (download/upload), reading and sending SMS messages, and extracting contact lists and call logs.

: Captures everything typed by the user and can scan the screen to steal secret phases from crypto wallets like Trust Wallet or bypass Google Authenticator codes. Deployment and Evolution : Silent recording of audio via the microphone,

: Victims are often lured into downloading malicious APK files disguised as legitimate apps, such as updates for government services (e.g., "Mincifry" in Russia) or anti-virus software.

: It is particularly notorious for its ability to bypass Google Play Protect , as well as black screens used by banking and crypto apps to prevent screen capturing. It also employs anti-deletion mechanisms, such as closing

Craxs RAT is typically distributed through social engineering and phishing campaigns:

The tool is marketed on specialized hacker forums and Telegram channels: