Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown


(also CoreBot malware)

CoreBot definition

CoreBot is a notorious banking Trojan that emerged in 2015. It primarily targets Windows-based systems and is designed to steal online banking users’ sensitive information, particularly login credentials and financial data.

CoreBot can capture keystrokes, take screenshots, and inject malicious code into web browsers. It intercepts and manipulates user interactions with banking websites.

See also: trojan, computer virus, banker trojan

CoreBot key characteristics

  • Distribution. CoreBot typically spreads through various means, including exploit kits, malicious email attachments, social engineering, or compromised websites.
  • Functionality. Once it infects a system, CoreBot establishes persistence by modifying system files and registry entries. It employs advanced evasion techniques to evade detection by security software.
  • Remote Access and Control. CoreBot provides its operators with remote access and control capabilities. This allows criminals to execute commands remotely, update the malware’s configuration, and download additional modules or payloads onto infected systems.
  • Information Theft. CoreBot focuses on stealing sensitive information related to online banking, including login credentials, account numbers, and financial data. It achieves this through keylogging, form-grabbing, and screen-capturing techniques.
  • Botnet Capabilities. CoreBot has the ability to connect to a command-and-control (C2) server, enabling communication with its operators. This allows attackers to remotely control and manage the infected systems as part of a botnet.

Ultimate digital security

We value your privacy

This website uses cookies to provide you with a safer and more personalized experience. By accepting, you agree to the use of cookies for ads and analytics, in line with our Cookie Policy.