A new malware-as-a-service called CrystalRAT has emerged on Telegram channels, offering cybercriminals a comprehensive toolkit for remote system access and data theft. The malware combines traditional remote access trojan (RAT) functionality with credential stealing capabilities and prankware features designed to disrupt victim systems.
The threat appears to be actively marketed through underground Telegram channels, making it accessible to criminals with varying technical expertise. The malware-as-a-service model lowers the barrier to entry for cybercriminal operations by providing ready-made tools without requiring programming knowledge.