New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube

A new Android spyware named ClayRat has been discovered, designed to mimic popular apps like WhatsApp, TikTok, and YouTube to deceive users. This sophisticated malware targets Android devices by disguising itself as legitimate applications, thereby gaining unauthorized access to sensitive user data. ClayRat's ability to imitate widely used social media and communication platforms increases its chances of successful infection and data theft. The spyware is capable of intercepting communications, stealing credentials, and monitoring user activities without detection. Security researchers emphasize the importance of vigilance when downloading apps, especially those claiming to be popular services but sourced outside official app stores. The emergence of ClayRat highlights ongoing threats in the mobile security landscape, underscoring the need for robust mobile security solutions and user awareness to prevent such infections. Users are advised to keep their devices updated, avoid third-party app stores, and use reputable security software to mitigate risks posed by such advanced spyware threats. This discovery adds to the growing list of Android malware that exploits user trust in popular applications to spread and operate covertly.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 09 Oct 2025 21:10:17 +0000

Cyber News related to New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube

Is TikTok Safe for Kids? - As the TikTok craze continues to spread worldwide, many parents wonder about the safety implications of the app their kids can't get enough of, particularly if their kids are on the younger side. TikTok features mature user content that may require ...
1 year ago Pandasecurity.com

TikTok bans explained: Everything you need to know - A proposal to ban TikTok in the U.S. has garnered bipartisan support and raised bigger questions about data access laws. TikTok has proposed a plan - Project Texas - to move all U.S. data to the United States to allay privacy and security concerns. ...
1 year ago Techtarget.com

Clayrat spyware targets Android users with advanced surveillance capabilities - Clayrat spyware has emerged as a significant threat targeting Android devices, leveraging advanced surveillance capabilities to compromise user privacy and security. This sophisticated malware is designed to infiltrate Android smartphones, enabling ...
16 hours ago Infosecurity-magazine.com

New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube - A new Android spyware named ClayRat has been discovered, designed to mimic popular apps like WhatsApp, TikTok, and YouTube to deceive users. This sophisticated malware targets Android devices by disguising itself as legitimate applications, thereby ...
7 hours ago Bleepingcomputer.com

5 Questions to Ask Before Backing the TikTok Ban - With strong bipartisan support, the U.S. House voted 352 to 65 to pass HR 7521 this week, a bill that would ban TikTok nationwide if its Chinese owner doesn't sell the popular video app. The TikTok bill's future in the U.S. Senate isn't yet clear, ...
1 year ago Eff.org

Citizen Lab details ongoing battle against spyware vendors - Citizen Lab senior researcher Bill Marczak said that while the organization has achieved some important wins against spyware proliferation, the progress is inevitably hindered by vendors that continually adapt their technologies and practices. The ...
1 year ago Techtarget.com

NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users - Meta filed the lawsuit against NSO Group on October 29, 2019, in the U.S. District Court for the Northern District of California, alleging that NSO had exploited a vulnerability in WhatsApp's calling feature to deliver its Pegasus spyware to ...
5 months ago Bleepingcomputer.com CVE-2019-3568

Spyware isn't going anywhere, and neither are its tactics - The illegal use of spyware to target high-profile or at-risk individuals is a global problem, as highlighted by this article from The Register that Talos' Nick Biasini just contributed to. As we've written about, many Private Sector Offensive Actors ...
1 year ago Blog.talosintelligence.com CVE-2024-23222

Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware - Cisco Talos has a new, in-depth analysis of timelines, operating paradigms and procedures adopted by spyware vendor Intellexa. Talos' analysis revealed that rebooting an iOS or Android device may not always remove the Predator spyware produced by ...
1 year ago Blog.talosintelligence.com

WhatsApp flaw can let attackers run malicious code on Windows PCs - On January 31, after mitigating the security issue server-side, WhatsApp alerted roughly 90 Android users from over two dozen countries, including Italian journalists and activists who were targeted in Paragon spyware attacks using the zero-click ...
6 months ago Bleepingcomputer.com CVE-2025-30401

Montana Loses in US Court - States can't just ban apps, says federal judge. The judge ruled the state can't stop app stores offering an app. How would you even enforce a statewide ban? In today's SB Blogwatch, we ponder the great firewall of Montana. "Paternalistic ...
1 year ago Securityboulevard.com

EFF Urges Ninth Circuit to Hold Montana's TikTok Ban Unconstitutional - Montana's TikTok ban violates the First Amendment, EFF and others told the Ninth Circuit Court of Appeals in a friend-of-the-court brief and urged the court to affirm a trial court's holding from December 2023 to that effect. Montana's ban prohibits ...
1 year ago Eff.org

Paragon Spyware Exploited WhatsApp Zero-day Vulnerability to Attack High-value Targets - Researchers have uncovered extensive evidence linking Israeli firm Paragon Solutions to a sophisticated spyware operation that exploited a zero-day vulnerability in WhatsApp to target journalists and civil society members. The investigation confirmed ...
6 months ago Cybersecuritynews.com

Intellexa Spyware Adds Persistence with iOS or Android Device - In the shadowy realm of commercial spyware, the spotlight turns to the notorious Intellexa spyware and its Predator/Alien solution, as dissected by Cisco Talos in their comprehensive May 2023 report. This expose navigates the labyrinthine intricacies ...
1 year ago Gbhackers.com

US Jury Orders NSO Group to Pay $168 Million to WhatsApp - Meta hailed the verdict as a milestone for digital privacy and security, stating, “Today’s verdict in the WhatsApp case marks a significant advancement for privacy and security, representing the first triumph against the creation and utilization ...
5 months ago Cybersecuritynews.com

US Uses Visa Restrictions in Struggle Against Spyware - The United States will impose visa restrictions on foreign individuals who have been involving the misuse of spyware, the latest effort by the Biden Administration to address the dangers of the commercial software that often is used by governments ...
1 year ago Securityboulevard.com

TikTok fined €530 million for sending European user data to China - The Irish Data Protection Commission (DPC) has fined TikTok €530 million (over $601 million) for illegally transferring the personal data of users in the European Economic Area (EEA) to China, violating the European Union's GDPR data protection ...
5 months ago Bleepingcomputer.com

EU Opens Official Probe of TikTok Over Content, Minors, Privacy - The European Commission is once again turning its attention to TikTok, announcing a wide-ranging investigation into the China-based social media site over concerns about the addictive nature of its site and content, possible harm to minors, and data ...
1 year ago Securityboulevard.com

WhatsApp's new Advanced Chat Privacy protects sensitive messages - "Today we're introducing our latest layer for privacy called 'Advanced Chat Privacy.' This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy," WhatsApp ...
5 months ago Bleepingcomputer.com

SentinelLabs uncovers new CapraRAT spyware targeting Android users - A new report released today by SentinelLabs, the research arm of listed cybersecurity company SentinelOne Inc., warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications. CapraRAT ...
1 year ago Siliconangle.com APT3 Transparent Tribe

Congress Should Give Up on Unconstitutional TikTok Bans - TAKE ACTION. TELL CONGRESS: DON'T BAN TIKTOK. As a first step, H.R. 7521 would force TikTok to find a new owner that is not based in a foreign adversarial country within the next 180 days or be banned until it does so. If deemed a national security ...
1 year ago Eff.org

ByteDance CEO and EFF are BFFs - Shou Zi Chew plays for time, while Electronic Frontier Foundation says TikTok-kill bill is DOA. As the House bill to force ByteDance to divest TikTok gains momentum, the EFF weighs in against it. In a nutshell, the foundation's argument is: We need ...
1 year ago Securityboulevard.com

Jury orders NSO Group to pay $168 million to WhatsApp for facilitating Pegasus hacks of its users | The Record from Recorded Future News - NSO’s case was severely hampered by its inability to offer the court any details of its clients' aims in the attacks, prompting Northern California federal judge Phyllis Hamilton to bar the spyware firm from presenting any evidence related to ...
5 months ago Therecord.media

ICE Signs $2 Million Contract With Spyware Maker Paragon Solutions | WIRED - Measures have included placing spyware vendors like NSO Group and Intellexa on the so-called Entity List to prevent any US companies from doing business with them; enacting a visa restriction policy against multiple individuals “who have been ...
1 year ago Wired.com

Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
1 year ago Blog.checkpoint.com