Tag: Trojan

The criminal underground is witnessing a proliferation of remote access Trojan (RAT) attacks fueled by the broader availability of turnkey cyberattack kits

Latin American businesses have been under attack by a sophisticated Windows-based banking trojan called TOITOIN since May 2023.

Ramnit is a modular banking Trojan. Ramnit steals web session information, giving its operators the ability to steal account credentials.

Raccoon infostealer was first observed in April 2019. This infostealer targets Windows systems and is sold as a MaaS in underground forums.

Qbot AKA Qakbot is a banking Trojan that first appeared in 2008. It was designed to steal a user’s banking credentials and keystrokes.

LokiBot is commodity infostealer for Windows. It harvests credentials from a variety of applications, web browsers, email clients, IT administration tools.

Android malware which repackages legitimate apps and then releases them to a third-party store. Its main function is displaying ads.

Glupteba is a Windows backdoor which gradually matured into a botnet. By 2019 it included a C&C address update mechanism through public BitCoin lists.

LemonDuck is a cryptominer first discovered in 2018, which targets Windows systems. It has advanced propagation modules, including sending malspam, RDP brute-forcing and mass-exploitation via known vulnerabilities such as BlueKeep.

IcedID is a banking Trojan which first emerged in September 2017. It spreads by mail spam campaigns and often uses other malwares like Emotet.