Malware Tracker

A long-running .NET-based keylogger and infostealer distributed primarily through phishing emails, with extensive data exfiltration channel options.

An open-source .NET remote access trojan widely adopted by threat actors for its extensibility, ease of deployment, and active community development.

A prolific information stealer and form grabber sold as malware-as-a-service, known for its advanced anti-analysis techniques and cross-platform evolution into XLoader.

A Malware-as-a-Service infostealer sold on dark web forums, specializing in cryptocurrency wallet theft and browser credential extraction.

A lightweight open-source remote administration tool for Windows, widely repurposed by both cybercriminals and nation-state actors for persistent remote access.

A C/C++ infostealer operated as MaaS, known for its user-friendly panel and the arrest of its lead developer by the FBI in 2022.

A widely distributed .NET-based infostealer sold on underground forums, known for harvesting browser credentials, cryptocurrency wallets, and system metadata.

A commercial remote access tool frequently abused by threat actors for surveillance, credential theft, and persistent backdoor access.

A .NET-based keylogger and credential stealer sold on underground forums, notable for its multiple data exfiltration channels and aggressive harvesting capabilities.

A C++-based infostealer forked from Arkei, notable for abusing legitimate platforms like Telegram and Steam for dead-drop C2 resolution.