This new 'laughing rat' malware will steal your data and hack your systems — and then laugh at you while doing it

CrystalX RAT comes with a handful of prankware

News By Sead Fadilpašić published 2 April 2026

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads
• Email

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

An account already exists for this email address, please log in. Subscribe to our newsletter

• CrystalX RAT offers advanced remote access and data theft
• Includes prankware features to attract novice hackers
• Promoted via Telegram and YouTube subscription campaigns

Security researchers are warning about a new malware service being offered on the dark web which, aside from advanced and highly disruptive capabilities, also enables various pranks and annoyances.

Cybersecurity experts Kaspersky have detailed CrystalX RAT, a new malware-as-a-service (MaaS) offering rather similar to the popular WebRAT.

“CrystalX RAT represents a highly functional MaaS platform that is not limited to espionage capabilities – spyware, keylogging and remote control – but includes unique stealer and prankware features,” the researchers explained. “Combined with the growing PR campaign for CrystalX RAT, it can be concluded that the number of victims can increase significantly in the near future.”

Article continues below

PR campaign

This tool has a lot to offer - for remote access and system control, it enables command execution, arbitrary file download/upload, file system browsing, real-time machine control, and forced system shutdown.

For data theft and infostealing, it enables keylogging, clipboard jacking, browser data theft, and desktop app data theft (Steam, Discord, Telegram).

Finally, for surveillance, it enables video capture through the camera, as well as audio capture through the microphone.

At the same time, it can be seen as prankware, as well. There are a handful of disturbance features thrown into the mix, such as the ability to change desktop wallpapers, alter display orientation to various angles, showing fake notification, changing the cursor position, hiding desktop icons, taskbar, Task Manager, and Command Prompt executable, and remapping the mouse.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors