
Phoenix Keylogger AIO Full Cracked

Status
Not open for further replies.

scania_man_old

INTRODUCTION: KEYLOGGER MALWARE


Cybereason’s Nocturnus team is tracking a new keylogger gaining traction among cybercriminals called Phoenix. The keylogger first emerged in July 2019 packed with a myriad of information-stealing features. These features extend beyond solely logging keystrokes, to the point where we are inclined to classify it as an infostealer.

This research explains several aspects of the Phoenix keylogger, including:

  1. A Look Into the Underground Community: The underground, ongoing marketing efforts to promote Phoenix and its reception in the underground community.
  2. A Technical Breakdown: A technical breakdown of the Phoenix keylogger, including info stealing capabilities, communication through Telegram, and potential persistence.
  3. The Connection to a Previous Keylogger: The discovery of the Phoenix keylogger’s connection to the “orphaned” Alpha keylogger.


KEY FINDINGS


  • The Phoenix Keylogger: The Cybereason Nocturnus team is investigating multiple incidents of a new, emerging keylogger called Phoenix, and is now able to provide details into the keylogger’s operations and its creator.
  • Steals Data From Multiple Sources: Phoenix operates under a malware-as-a-service model and steals personal data from almost 20 different browsers, four different mail clients, FTP clients, and chat clients.
  • Tries to Stop over 80 Security Products: On top of its information stealing features, Phoenix has several defensive and evasive mechanisms to avoid analysis and detection, including an Anti-AV module that tries to kill the processes of over 80 different security products and analysis tools.
  • Targets Across Continents: Despite Phoenix having been released in July 2019, it has already targeted victims across North America, the United Kingdom, France, Germany and other parts of Europe and the Middle East. We expect more regions to be affected as it gains popularity.
  • Exfiltrates Data through Telegram: Phoenix offers common SMTP and FTP exfiltration protocols, but also supports data exfiltration over Telegram. Telegram, a popular chat application worldwide, is leveraged by cybercriminals for its legitimacy and end-to-end encryption.
  • Has the Same Author as the Alpha Keylogger: Phoenix was clearly authored by the same team behind the Alpha keylogger, which disappeared earlier this year.
  • “Malware for the People”: This research showcases the ever-growing popularity of the Malware-as-a-Service model in the cybercrime ecosystem. Malware authors are developing malware that is easy for any user to operate and comes bundled with customer support and a competitive price point. As we move into 2020, we expect to see many less-technical cybercriminals leverage MaaS to commit cybercrime, especially as MaaS authors start to compete for the most impressive offering.


