Tag: Trojan

Ramnit is a modular banking Trojan. Ramnit steals web session information, giving its operators the ability to steal account credentials.

RedLine Stealer is a trending Infostealer and was first observed in March 2020. Sold as a MaaS, and often distributed via malicious email attachments.

Raccoon infostealer was first observed in April 2019. This infostealer targets Windows systems and is sold as a MaaS in underground forums.

Qbot AKA Qakbot is a banking Trojan that first appeared in 2008. It was designed to steal a user’s banking credentials and keystrokes.

LokiBot is commodity infostealer for Windows. It harvests credentials from a variety of applications, web browsers, email clients, IT administration tools.

Android malware which repackages legitimate apps and then releases them to a third-party store. Its main function is displaying ads.

Glupteba is a Windows backdoor which gradually matured into a botnet. By 2019 it included a C&C address update mechanism through public BitCoin lists.

LemonDuck is a cryptominer first discovered in 2018, which targets Windows systems. It has advanced propagation modules, including sending malspam, RDP brute-forcing and mass-exploitation via known vulnerabilities such as BlueKeep.

IcedID is a banking Trojan which first emerged in September 2017. It spreads by mail spam campaigns and often uses other malwares like Emotet.

FormBook is an Infostealer targeting the Windows OS and was first detected in 2016. It is marketed as Malware as a Service (MaaS) in underground hacking forums.