Tag: malware name

Darkgate is a multifunction malware active since December 2017 which combines ransomware, credential stealing, and RAT and cryptomining abilities.

Danabot is a modular banking Trojan written in Delphi that targets the Windows platform. The malware is distributed via malicious spam emails.

Cryptobot is an advanced cryptominer that collects the victim’s wallet and account information upon infection.

Discovered in 2020, Bazar Loader and Bazar Backdoor are used in the initial stages of infection by the WizardSpider cybercrime gang.

AlienBot is a banking Trojan for Android, sold underground as Malware-as-a-Service (MaaS). It supports keylogging, dynamic overlays for credentials theft, as well as SMS harvesting for 2FA bypass. Additional remote ...

Netshta is a file infector and information stealer that targets executable files, network shares, and removable storage devices.

ViperSoftX is a multi-stage cryptocurrency stealer that spreads within torrents and filesharing sites. Typically, it's distributed as a malicious crack for popular software.

Laplas is a clipper malware that spreads via other malware. Currently, the downloader SmokeLoader is spreading Laplas via phishing emails.

Ursnif is a banking trojan and downloader that spreads through Malspam emails with Microsoft Office document attachments or ZIP files.

ZeuS is a modular banking trojan that uses keystroke logging to compromise credentials when a victim visits certain banking websites. Since the release of the ZeuS source code in 2011, ...