Tag: malware name

Danabot is a modular banking Trojan written in Delphi that targets the Windows platform. The malware is distributed via malicious spam emails.

Cryptobot is an advanced cryptominer that collects the victim’s wallet and account information upon infection.

Discovered in 2020, Bazar Loader and Bazar Backdoor are used in the initial stages of infection by the WizardSpider cybercrime gang.

AlienBot is a banking Trojan for Android, sold underground as Malware-as-a-Service (MaaS). It supports keylogging, dynamic overlays for credentials theft, as well as SMS harvesting for 2FA bypass. Additional remote ...

Netshta is a file infector and information stealer that targets executable files, network shares, and removable storage devices.

Laplas is a clipper malware that spreads via other malware. Currently, the downloader SmokeLoader is spreading Laplas via phishing emails.

Ursnif is a banking trojan and downloader that spreads through Malspam emails with Microsoft Office document attachments or ZIP files.

ZeuS is a modular banking trojan that uses keystroke logging to compromise credentials when a victim visits certain banking websites. Since the release of the ZeuS source code in 2011, ...

Gh0st is a RAT used to control infected endpoints. Gh0st is dropped by other malware to create a backdoor that enables an attacker to fully control the infected device.

Agent Tesla is a RAT that targets Windows operating systems. It is available for purchase on criminal forums as Malware-as-a-Service (MaaS) offerings. It has various capabilities depending on the version ...