Tag: malware name

Raccoon infostealer was first observed in April 2019. This infostealer targets Windows systems and is sold as a MaaS in underground forums.

Qbot AKA Qakbot is a banking Trojan that first appeared in 2008. It was designed to steal a user’s banking credentials and keystrokes.

Phorpiex has been active since 2010 and at its peak controlled more than a million infected hosts. It is known for distributing other malware families.

Pegasus is a highly sophisticated spyware which targets Android and iOS mobile devices, developed by the Israeli NSO group.

NSRMiner is a cryptominer that surfaced around November 2018, and was mainly spread in Asia, specifically Vietnam, China, Japan and Ecuador.

Mylobot is a sophisticated botnet that first detected in 2017 and is equipped with complex evasion techniques including anti-VM, and anti-debugging techniques.

LokiBot is commodity infostealer for Windows. It harvests credentials from a variety of applications, web browsers, email clients, IT administration tools.

Android malware which repackages legitimate apps and then releases them to a third-party store. Its main function is displaying ads.

Glupteba is a Windows backdoor which gradually matured into a botnet. By 2019 it included a C&C address update mechanism through public BitCoin lists.

LemonDuck is a cryptominer first discovered in 2018, which targets Windows systems. It has advanced propagation modules, including sending malspam, RDP brute-forcing and mass-exploitation via known vulnerabilities such as BlueKeep.