Tag: Windows

Darkgate is a multifunction malware active since December 2017 which combines ransomware, credential stealing, and RAT and cryptomining abilities.

Danabot is a modular banking Trojan written in Delphi that targets the Windows platform. The malware is distributed via malicious spam emails.

Cryptobot is an advanced cryptominer that collects the victim’s wallet and account information upon infection.

Discovered in 2020, Bazar Loader and Bazar Backdoor are used in the initial stages of infection by the WizardSpider cybercrime gang.

Netshta is a file infector and information stealer that targets executable files, network shares, and removable storage devices.

ViperSoftX is a multi-stage cryptocurrency stealer that spreads within torrents and filesharing sites. Typically, it's distributed as a malicious crack for popular software.

Ursnif is a banking trojan and downloader that spreads through Malspam emails with Microsoft Office document attachments or ZIP files.

ZeuS is a modular banking trojan that uses keystroke logging to compromise credentials when a victim visits certain banking websites. Since the release of the ZeuS source code in 2011, ...

Researchers from firmware security firm Eclypsium have discovered a potential backdoor-like behavior in Gigabyte systems, which exposes devices to compromise.

A stealthy remote access trojan (RAT) known as 'SeroXen' has gained popularity among cybercriminals due to its low detection rates and powerful capabilities.