Legal Document

Terms of Service

craxsratinfo.comVersion 2.0

Please read these Terms of Service carefully before using CraxsRatInfo. By accessing or using any part of this website — including reading articles, using the infection checker, subscribing to alerts, or submitting a report — you agree to be bound by these Terms in full. If you do not agree with any part, you must discontinue use of this site immediately.

01 —

About This Website

CraxsRatInfo (craxsratinfo.com) is an independent cybersecurity research and public education platform. Our sole focus is the documentation, technical analysis, and defensive countermeasures related to CraxsRat and related Android Remote Access Trojans (RATs). All content published on this site is produced for the benefit of potential victims, security researchers, IT professionals, and the general public seeking to protect their devices.

This site is operated by the CraxsRatInfo research team. We are not affiliated with, endorsed by, or connected to the developer of CraxsRat or any threat actor referenced in our research. Our work is strictly defensive and intelligence-oriented. References to malware mechanics, campaign infrastructure, or threat actor activity are made solely to inform and protect — never to facilitate or enable attacks.

Our Position

CraxsRatInfo exists to expose, document, and help neutralise a real-world threat. Every technical detail published here is drawn from existing public threat intelligence reports by Group-IB, Cyfirma, Kaspersky, ESET, SOCRadar, Lookout, and Recorded Future. We add analysis and accessibility — we do not originate or distribute attack tooling of any kind.

02 —

Acceptance of Terms

By accessing craxsratinfo.com — whether by visiting any page, using any interactive tool, submitting any form, or subscribing to any service — you confirm that you have read, understood, and agree to be bound by these Terms of Service, along with our Privacy Policy and Disclaimer, which are incorporated herein by reference.

If you are accessing this site on behalf of an organisation, company, or institution, you represent and warrant that you have the authority to bind that entity to these Terms, and your agreement to these Terms constitutes the agreement of that entity.

Age Requirement: You must be at least 16 years of age to use this website. By using the site, you confirm you meet this requirement. If you are under 16, please discontinue use immediately. Users between 16 and 18 should have a parent or guardian review these Terms.

These Terms constitute a legally binding agreement. If you do not accept them in their entirety, you are not authorised to use this site and must cease access immediately.

03 —

Educational & Research Purpose

All content on CraxsRatInfo — including but not limited to blog articles, threat intelligence reports, campaign analyses, technical breakdowns, malware capability descriptions, infection detection guides, and removal instructions — is published exclusively for educational, informational, and defensive research purposes.

The technical information we publish describes threats that already exist in the wild and are documented in public reports by reputable cybersecurity firms. Our purpose in republishing, synthesising, and expanding on this material is to ensure that the widest possible audience — including everyday Android users, IT administrators, enterprise security teams, and academic researchers — has access to accurate, actionable information about real threats affecting real devices.

Research Standards We Follow

Our research methodology is aligned with responsible disclosure principles: we document capabilities and indicators without providing functional attack code, activation instructions, or source material that would assist a threat actor. Technical details are included only to the degree necessary for detection and defence.

Nothing on this website should be interpreted as providing legal, professional security, or medical advice. Security guidance published here is general in nature. For specific incidents affecting your organisation, we strongly recommend engaging a qualified incident response team.

04 —

Permitted & Prohibited Use

Access to CraxsRatInfo is granted subject to the conditions below. We have designed these terms to be permissive for legitimate security work while drawing a hard line against any use that could facilitate harm.

✓ Permitted Use

Reading, studying, and referencing content for personal or professional knowledge
Using the infection checker to assess your own device
Sharing article links for awareness or educational purposes
Citing our research in academic papers with proper attribution
Using detection indicators (IOCs) defensively in your own security tooling
Security awareness training within your organisation
Journalism and public-interest reporting on mobile threats
Subscribing to security alert newsletters
Submitting malware samples or threat reports via our report forms
Linking to our content from blogs, forums, or social media

✗ Prohibited Use

Using any content to develop, modify, or distribute malware or attack tools
Attempting to reverse-engineer, scrape, or data-mine site content at scale without permission
Using threat intelligence to identify or exploit vulnerable targets
Reproducing substantial portions of our original content on other sites without written permission
Impersonating CraxsRatInfo or misrepresenting affiliation with our research team
Attempting to gain unauthorised access to any part of the site or its infrastructure
Uploading or transmitting malicious code via any form or submission interface
Using automated bots, scrapers, or crawlers without prior written consent
Framing or mirroring this site in a way that misrepresents ownership or origin
Any use that violates applicable law in your jurisdiction

Violation of any prohibited use condition may result in immediate termination of your access, reporting to relevant authorities, and potential legal action. We monitor for abusive access patterns and reserve the right to block IP addresses, ASNs, or entire networks that demonstrate prohibited behaviour.

05 —

Intellectual Property Rights

Unless explicitly stated otherwise, all original content on CraxsRatInfo — including written articles, analysis, infographics, the infection detection tool, site design, layout, code, and the compilation of threat intelligence data — is the intellectual property of CraxsRatInfo and is protected under applicable copyright and intellectual property law.

What You May Do

You are permitted to quote brief excerpts (no more than 150 words) from our articles for the purpose of commentary, criticism, or reporting, provided you include clear attribution and a direct hyperlink to the original article on craxsratinfo.com. Academic citation under standard fair use / fair dealing principles is permitted.

What You May Not Do

You may not reproduce, republish, distribute, sell, or create derivative works from any substantial portion of our original content without obtaining explicit written permission in advance. This applies to blog articles, research reports, infographics, tool interfaces, and any other original material produced by CraxsRatInfo. Reproducing our content on AI training datasets, content farms, or competitor research platforms without permission is expressly prohibited.

Third-Party Content

Threat intelligence data, statistics, and findings sourced from Group-IB, Cyfirma, Kaspersky Lab, ESET, SOCRadar, Lookout, and Recorded Future remain the intellectual property of their respective organisations. Our use of this material constitutes fair use for analysis and educational commentary. If you wish to reproduce data attributed to these organisations, you must obtain permission from them directly.

The CraxsRatInfo name, logo, and associated branding are proprietary. You may not use them in any way that implies endorsement, affiliation, or partnership without our express written consent.

06 —

No Malware Distribution Policy

CraxsRatInfo operates under an absolute, unconditional policy against distributing, hosting, linking to, or facilitating access to any malicious software, including CraxsRat itself, its variants (including G700), cracked builds, builder tools, or any other Remote Access Trojan or offensive Android tooling.

Absolute Prohibition

We do not now, and will never: host APK files containing malware; provide download links to malicious software; share C2 server addresses in a manner that enables their use; distribute builder interfaces or cracked versions of any RAT; or provide operational instructions that would assist a threat actor in deploying CraxsRat or similar malware against victims.

Technical indicators of compromise (IOCs) — such as package names, file hashes, permission patterns, and network signatures — are shared only in the context of detection and defence. These are presented as reference data for security tools, antivirus vendors, and network administrators, not as operational intelligence for attackers.

If you have encountered a page, link, or content on this site that you believe violates this policy, please report it immediately at craxsratinfo.com/report/security/. We take any such report with the utmost seriousness and will investigate and act within 24 hours.

Any user found to be attempting to obtain malware or attack tools via this platform — whether through the submission forms, contact channels, or any other means — will be permanently banned and their activity reported to the relevant law enforcement authorities.

07 —

Accuracy of Research Content

We take the accuracy of our threat intelligence seriously. All research published on CraxsRatInfo is based on publicly available reports from named, reputable cybersecurity firms, supplemented by our own independent analysis. We cite sources directly and link to original research wherever possible.

However, the nature of cybersecurity research means that the threat landscape evolves rapidly. Malware capabilities change, new variants emerge, and previously documented behaviour may be superseded. While we make every reasonable effort to keep content current — including displaying “Last Verified” dates on key pages — we cannot guarantee that all information is complete, accurate, or current at the time you read it.

Content Currency

Each article displays its publication date and, where applicable, a last-reviewed date. If you are making a security decision for a production environment, always cross-reference with the original threat intelligence reports linked in our sources section. Our analysis is a starting point — not a substitute for professional incident response.

We welcome corrections. If you identify factual inaccuracies, outdated indicators, or attribution errors in our research, please contact us at craxsratinfo.com/report/problem/. Verified corrections will be applied and the article updated with a correction notice.

08 —

Third-Party Links & Sources

CraxsRatInfo links to external sources including published threat intelligence reports, academic papers, news articles, cybersecurity vendor blogs, and official documentation. These links are provided as supporting references for our research and for the convenience of our readers.

We do not control third-party websites. Once you follow a link off craxsratinfo.com, you are subject to the terms, privacy policies, and content standards of the destination site. We are not responsible for the availability, accuracy, safety, or content of any external site, even if we have previously reviewed or cited it.

In particular, some of our research references Telegram channels and underground forum activity as part of documented threat intelligence. Linking to or describing the existence of these channels is strictly for informational and research purposes. We do not endorse, operate, or moderate any Telegram group, forum, or third-party community referenced in our reports. The CraxsRatInfo Telegram link in our navigation is our own official channel and is operated under our direct control.

The presence of a link or citation on this site does not constitute an endorsement of that organisation's views, products, or services. Equally, third-party sources that cite or link to us do not automatically represent our views.

09 —

Newsletter & Email Communications

CraxsRatInfo operates a voluntary email alert service through which subscribers receive notifications about new CraxsRat variants, related Android malware threats, and new research articles. Subscription is entirely opt-in — we will never add you to a mailing list without your explicit consent.

What We Send

New variant alerts when a significant CraxsRat update or derivative (e.g. G700) is documented
New blog article notifications when we publish research or detection guides
Critical threat advisories for high-severity, actively exploited Android malware campaigns
Occasional site updates relevant to security researchers and users

What We Will Never Send

Unsolicited commercial advertising or sponsored content
Third-party marketing emails or affiliate promotions
Emails asking you to click a link to “verify” credentials or log into an account (we have no accounts)

You may unsubscribe from all communications at any time by clicking the unsubscribe link in any email, or by contacting us directly. Unsubscribe requests are processed within 48 hours. For full details of how we handle email subscriber data, see our Privacy Policy.

10 —

User Submissions & Reports

CraxsRatInfo provides three submission channels: /report/app/ for reporting suspicious applications, /report/problem/ for reporting site issues or content corrections, and /report/security/ for responsible disclosure of security vulnerabilities in our own infrastructure.

Your Responsibilities When Submitting

By submitting content through any of our forms, you confirm that: (a) the information you provide is accurate to the best of your knowledge; (b) you have the right to share any data or material submitted; (c) your submission does not contain malicious code, personally identifiable information of third parties shared without consent, defamatory content, or material that violates any applicable law.

Our Rights Over Submissions

By submitting threat reports, application reports, or research tips to CraxsRatInfo, you grant us a non-exclusive, worldwide, royalty-free licence to use, analyse, and publish findings derived from your submission as part of our research output. We will not publish your personal information or identifying details without your explicit consent. Attribution will be offered but is never required — anonymous submissions are fully accepted.

Prohibited Submissions

Do not submit actual malware samples, APK files, or executable code through our standard report forms. Our submission forms are not equipped for safe malware handling. If you are a security researcher wishing to share a sample for analysis, contact us via the security report channel with a description first, and we will establish a secure transfer method.

11 —

Security Research Standards

CraxsRatInfo operates in accordance with widely-accepted responsible disclosure and ethical security research principles. Our research practices are guided by the following standards:

No active exploitation: We analyse malware behaviour in isolated, controlled environments. We do not deploy CraxsRat or any other malware against live devices, networks, or individuals under any circumstances.
Responsible C2 handling: When our research identifies active Command and Control infrastructure, we do not interact with, probe, or attempt to access it beyond passive observation. Active C2 infrastructure is reported to relevant abuse contacts and threat intelligence sharing platforms.
Victim protection: We do not publish, display, or share information that could identify, expose, or further harm victims of CraxsRat infections. Campaign statistics are always presented in aggregate.
No re-hosting of attack tooling: We do not re-host, mirror, or archive malware samples, builder tools, or cracked versions of any RAT — even for research accessibility purposes.
Coordinated disclosure for new findings: When our research uncovers a previously undocumented vulnerability, variant, or campaign, we follow coordinated disclosure practices — notifying affected vendors or platforms before publishing.

Visitors who identify concerns about our research methodology or specific pieces of published content are encouraged to contact us via craxsratinfo.com/report/security/.

12 —

Limitation of Liability

To the fullest extent permitted by applicable law, CraxsRatInfo, its operators, researchers, contributors, and agents shall not be liable for any direct, indirect, incidental, consequential, special, exemplary, or punitive damages of any kind arising from or related to your use of, or inability to use, this website or its content.

This limitation applies specifically to, but is not limited to: loss of data or device functionality; financial losses resulting from a malware infection; decisions made on the basis of information published on this site; reliance on the accuracy or completeness of any threat intelligence report; failure to detect an infection using our tools or guidance; and any third-party actions taken using information found on this site.

Important Disclaimer on Security Outcomes

Security guidance is inherently probabilistic — no detection method, removal guide, or defensive recommendation can guarantee protection against all variants of a threat in all circumstances. CraxsRatInfo provides best-effort guidance based on documented behaviour. We make no warranty that following our recommendations will result in a clean device, successful removal, or prevention of future infection. For active incidents, engage a qualified security professional.

The site is provided on an “as is” and “as available” basis. We make no warranties — express or implied — regarding the site's availability, reliability, security, or fitness for any particular purpose. We reserve the right to modify, suspend, or discontinue the site or any feature thereof at any time without notice.

Some jurisdictions do not permit the exclusion of certain warranties or limitation of liability for consequential damages. In such jurisdictions, our liability is limited to the maximum extent permitted by law.

13 —

Indemnification

You agree to defend, indemnify, and hold harmless CraxsRatInfo, its operators, researchers, contributors, affiliates, and agents from and against any and all claims, damages, obligations, losses, liabilities, costs, and expenses (including reasonable legal fees) arising from:

Your use of this site in violation of these Terms
Your violation of any applicable law, regulation, or third-party right
Any content you submit through our forms or report channels that causes harm to CraxsRatInfo or a third party
Any misuse of information found on this site to facilitate a cyberattack, harassment, or any other harmful activity
Your misrepresentation of your identity, affiliation, or purpose in relation to this site

CraxsRatInfo reserves the right to assume exclusive defence and control of any matter subject to indemnification by you, in which case you agree to cooperate with our defence of such claims. This indemnification obligation survives termination of these Terms and your use of the site.

14 —

Governing Law & Dispute Resolution

These Terms of Service and any dispute arising out of or in connection with them shall be governed by and construed in accordance with applicable law. Given the international nature of our readership — spanning EU, US, South Asian, and Southeast Asian users — we aim to apply standards consistent with generally recognised internet law principles.

GDPR & EU Users

For users located in the European Economic Area, these Terms are intended to comply with the GDPR and applicable EU consumer protection legislation. Nothing in these Terms removes your statutory rights under EU law. For privacy-specific disputes, please refer to our Privacy Policy, which details your right to lodge a complaint with your national Data Protection Authority.

Dispute Resolution

In the event of a dispute arising from these Terms or your use of this site, we strongly encourage you to contact us first at legal@craxsratinfo.com to seek an informal resolution. We will make good-faith efforts to resolve disputes amicably within 30 days of receiving written notice.

If an informal resolution is not reached, disputes may be referred to binding arbitration or mediation under mutually agreed terms. Any formal legal proceedings shall be conducted in the English language.

If any provision of these Terms is found to be unenforceable or invalid under applicable law, that provision shall be limited or eliminated to the minimum extent necessary, and the remaining provisions shall continue in full force and effect.

15 —

Modifications to These Terms & Contact

CraxsRatInfo reserves the right to modify these Terms of Service at any time. We will update the “Effective Date” at the top of this page whenever material changes are made. For significant changes — such as those affecting user rights, prohibited use conditions, or liability — we will provide notice via our newsletter to subscribed users.

Your continued use of craxsratinfo.com after any modification constitutes your acceptance of the revised Terms. We encourage you to review these Terms periodically. If a change is not acceptable to you, your sole remedy is to discontinue use of the site. Previous versions of these Terms are available upon written request.

Entire Agreement

These Terms of Service, together with our Privacy Policy and Disclaimer, constitute the entire agreement between you and CraxsRatInfo with respect to your use of this site, and supersede all prior or contemporaneous understandings or agreements on this subject.

Contact Us

For any questions, concerns, or legal notices regarding these Terms, please reach out through the following channels:

CraxsRatInfo — Legal & Compliance

Website: craxsratinfo.com

Legal enquiries: legal@craxsratinfo.com

Security reports: craxsratinfo.com/report/security/

Content corrections: craxsratinfo.com/report/problem/

// Response time: within 5 business days for legal enquiries