Profiling the Craxs Rat Malware-as-a-Service (MaaS) Enterprise

0
January 05, 2026

Dear blog readers,

I recently came across to a relatively interesting and novel malware as a service malicious software provider that specialized in Android based malware releases with several releases currently in the works and available commercially within the cybercrime ecosystem with the vendor currently possessing a pretty decent social media presence so I decided to provide some personally identifiable information about their online whereabouts. 

Sample domains known to have been involved in the campaign include:

hxxp://craxsrat.com - Email: evlfdev@gmail.com
hxxp://craxsrat.net
hxxp://craxsserver.com
hxxp://craxsrat.com
hxxp://evlfdev.com
hxxp://spysolr.com 

Sample contact details:

Session ID:
05e476b08449c214be276c9eee0db24f5d5a2296da86432a122d3102242939fe3d

Jabber ID:
evfldev@draugr.de

Tox ID:
93BEB9028B77008BFE13A46F2B2290A75988036A77D3D6A315FFA986C45F84654FF298AB9031 

Sample social media accounts involved in the campaign include:

https://x.com/EvLFDev
https://www.facebook.com/craxsrat
https://t.me/EVLFDEV
https://github.com/EVLF
https://www.youtube.com/@EvLFDev
https://www.facebook.com/spysolr/
https://spysolr.com
https://vimeo.com/user204150405
https://x.com/spysolr
https://t.me/spysolr 

Sample video demonstrations:



Related screenshots:









Stay tuned.

About the author

Donec non enim in turpis pulvinar facilisis. Ut felis. Praesent dapibus, neque id cursus faucibus. Aenean fermentum, eget tincidunt.

0 Comments:

Subscribe to: Post Comments (Atom)