Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown

Skip to main content



Also known as: FakeDGA, WillExec

Category: Malware

Type: Trojan, botnet, downloader

Platforms: Windows


Damage potential: Botnet participation, DDoS attacks, chain infections, future payloads, data theft


MyloBot is a sophisticated trojan that can be customized based on the attacker’s intention. It can turn an infected system into a proxy, create a network of infected devices (bots), launch DDoS attacks, or install other malware such as ransomware, spyware, or banking trojans.

MyloBot stays inactive on an infected device for two weeks and only then starts communicating with its command and control server. In the meantime, it checks for other viruses and removes them — this is to ensure the efficiency of the attack that will be launched later on. MyloBot was first spotted in 2017 and has mainly targeted Windows devices since.

Possible symptoms

MyloBot blocks security software and firewalls to avoid detection, so you might suspect an attack if your antivirus software or firewalls are suddenly disabled.

You may also experience slowdowns or see unexpectedly high data usage and network activity. However, these are very subtle signals and might easily go unnoticed.

Sources of the infection

Cybercriminals can use phishing emails, unofficial download channels (e.g., freeware websites and peer-to-peer networks), fake software updates, and malicious websites and ads to distribute MyloBot.


You need to have good cybersecurity practices to protect your devices.

  • Use NordVPN to secure your online traffic.
  • Be careful with emails from unknown senders — do not click on suspicious links or attachments.
  • Avoid downloading files or software from unofficial sources such as freeware websites or peer-to-peer networks.
  • Scan downloaded files for viruses and block malware-ridden websites and ads with NordVPN’s Threat Protection.
  • Install reputable antivirus software and keep it updated.
  • Update your operating system and all other software you use.
  • Enable multi-factor authentication.
  • Regularly back up important data.
  • Implement network segmentation.


Manually removing this trojan from an infected device might be difficult. Instead, try using reliable antivirus software to detect and clear your system from MyloBot. If the infection persists, get help from an IT professional.

Ultimate digital security