Technical Analysis of EagleSpy V6.0 (CraxsRAT Rebrand) Distributed Through Odysee and Telegram
I recently investigated an individual operating through Odysee and Telegram who is selling a malicious Android RAT known as EagleSpy V6.0, which appears to be a rebranded version of CraxsRAT.

During the investigation:
– I was financially scammed after payment
– The seller blocked communication afterward
– The malware infrastructure was analyzed in detail

Technical analysis confirmed:
– Banking phishing overlays
– Crypto wallet credential theft
– Telegram bot exfiltration
– Remote shell execution
– Keylogging
– Camera/microphone access
– GPS tracking
– Ransomware components
– DEX packers for AV evasion
– Hidden update/backdoor mechanisms

The repository also contained evidence of real victim infrastructure and compromised device information. The malware appears capable of targeting not only victims, but potentially even buyers/operators through embedded update systems and hidden control mechanisms.

Relevant reports have already been submitted to platform abuse teams.

Odysee channel involved: https://odysee.com/@justicerat:e
Telegram: @JustIcedevs

This post is intended purely as a cybersecurity awareness warning to help prevent additional victims. If moderators require technical validation or indicators of compromise, I can provide structured analysis details privately.

submitted by /u/CranberryOk2634