MacSpy

A RAT and the first known MaaS targeting Mac users, available for free or as a paid, advanced version on a Dark Web forum. The malware has capabilities including: capture screenshots, log keystrokes, record voice, retrieve clipboard content, retrieve browsing data, obtain iCloud photos, retrieve any files and data, encrypt the entire user directory, disguise the malware as a legitimate file, and access emails and social network accounts.

CertLock

A trojan distributed by unwanted program bundles and functions as protection software and makes it difficult for Windows users to run their security programs by blocking security vendor's certificates, preventing Windows from executing any program signed with that certificate, including those already installed on the device.

Qbot

A banking trojan first identified in 2009 that downloads files, steals information, and opens a backdoor on the compromised device. It is distributed via drive-by downloads after users visit infected webpages. Qbot then spreads through networks by copying itself to shared folders. It is typically used in highly-targeted campaigns to avoid drawing attention their operations.

Fireball

Fireball

Fireball is a trojan that creates a critical backdoor that has impacted over 250 million computers worldwide. Fireball can be used to spy on victims, perform efficient malware dropping, and execute any malicious code in the infected machines, this creates a massive security flaw in targeted machines and networks.

GootKit

A trojan used by a select group of threat actors to conduct online banking fraud attacks targeting consumer and business bank accounts. These actors infiltrate the accounts, steal credentials, and manipulate banking sessions to eventually take over the bank accounts and transfer cash from the victim account to one under their control.