New Proteus Malware Can Mine for Crypto-Currency, Log Keystrokes, and More

New Proteus Malware Can Mine for Crypto-Currency, Log Keystrokes, and More

BitsPlan

Proteus malware

A new multi-functional malware family detected as Proteus can transform the computers of infected users in proxy servers, can mine for various types of crypto-currencies, can log keystrokes, and check the validity of stolen online accounts.

Detected by security researchers from Fortinet, this new malware family is written in .NET and current evidence reveals that crooks are using the Andromeda malware/botnet to drop Proteus on victims’ computers.

While not as complex and widespread as Andromeda, Proteus shares features with this ancient botnet, because it also uses a central command control (CC) server to control the malware’s actions on infected bots.

Also similarly to Andromeda, Proteus can download modules and even other malware in later stages, to diversify its attack arsenal.

Proteus is a multi-faceted threat

Currently, Fortinet researchers have spotted the Andromeda botnet drop and execute a file named chrome.exe on infected machines. This installs the Proteus malware, which immediately starts an encrypted communication channel with its CC server.

The Proteus malware current version number is 2.0.0, and it can perform the following actions:

Read previous post:
Commercial Bank of Dubai to Target Tech-Savvy Citizens with Digital-Only Bank

The Commercial Bank of Dubai (CBD) is getting ready to launch a mobile app-based digital bank for its clients in...

Close