Eligibility: Available for consumer and business wireless accounts with eligible service. Device requirements: Compatible device is required and includes iPhone 6 or newer, running iOS v9.
Some features vary by device operating system. Other charges and restrictions may apply. Does not work when using certain video streaming apps. Not available while roaming internationally. Personal ID Monitor: May not detect all compromises or leaks of your personal data. Safe Browsing: May not detect all suspicious websites.
Requires activation of VPN and notifications to be enabled. Your mobile security app crashes every day, I have to delete it and re-install it every time to get it to open up, I have an iPhone 13 and I am running iOS Thank you for fixing the problem, app works just fine now, support notified me by email telling it was a backend problem and it has been addressed, it has been a few days with no crashes, great job, worth five stars, again thank you.
I used this app for 6 months small issues until 2 weeks ago it started blocking everyone I mean everyone in my contact list, my husband, kids, parents, siblings, job, dr. It ask like a virus because I decided to delete it from my phone completely it started causing me to miss important calls. When I deleted it it was still blocking all my calls that I had manually unblocked before I deleted it. I am stuck with it or my contacts cannot call me.
It is working in reverse. I found the developer email for Call Protect so please email to get your problem fixed g att. As a precaution I switched to the Unlimited Plan.
Then I noticed that my phone was sporadically connecting to WiFi. Advisor on technical knowledge and ATT technologies. Experience: Typically requires years experience. Supervisory: No. Ready to join our team? Apply today! This is a remote work from home position that can be located anywhere in the United States. Job Category:.
USBferry is an information stealing malware and has been used by Tropic Trooper in targeted attacks against Taiwanese and Philippine air-gapped military environments. Valak is a multi-stage modular malware that can function as a standalone information stealer or downloader, first observed in targeting enterprises in the US and Germany.
VaporRage is a shellcode downloader that has been used by APT29 since at least Vasport is a trojan used by Elderwood to open a backdoor on compromised hosts. VBShower is a backdoor that has been used by Inception since at least VBShower has been used as a downloader for second stage payloads, including PowerShower.
It is mostly composed of original code, but also has some open source code. ViceLeaker is a spyware framework, capable of extensive surveillance and data exfiltration operations, primarily targeting devices belonging to Israeli citizens. ViperRAT is sophisticated surveillanceware that has been in operation since at least and was used to target the Israeli Defense Force. Volgmer is a backdoor Trojan designed to provide covert access to a compromised system.
It has been used since at least to target the government, financial, automotive, and media industries. Its primary delivery mechanism is suspected to be spearphishing. WannaCry is ransomware that was first seen in a global attack during May , which affected more than countries. It contains worm-like features to spread itself across a computer network using the SMBv1 exploit EternalBlue. WastedLocker is a ransomware family attributed to Indrik Spider that has been used since at least May WastedLocker has been used against a broad variety of sectors, including manufacturing, information technology, and media.
Waterbear is modular malware attributed to BlackTech that has been used primarily for lateral movement, decrypting, and triggering payloads and is capable of hiding network behaviors. WellMess is lightweight malware family with variants written in. Wevtutil is a Windows command-line utility that enables administrators to retrieve information about event logs and publishers. Wiarp is a trojan used by Elderwood to open a backdoor on compromised hosts. WindTail is a macOS surveillance implant used by Windshift.
Winexe is a lightweight, open source tool similar to PsExec designed to allow system administrators to execute commands on remote servers. Wingbird is a backdoor that appears to be a version of commercial software FinFisher.
It is reportedly used to attack individual computers instead of networks. WinMM is a full-featured, simple backdoor used by Naikon. Winnti for Linux is a trojan, seen since at least , designed specifically for targeting Linux systems. Reporting indicates the winnti malware family is shared across a number of actors including Winnti Group. The Windows variant is tracked separately under Winnti for Windows. Winnti for Windows is a Trojan that has been used by multiple groups to carry out intrusions in varied regions from at least to One of the groups using this malware is referred to by the same name, Winnti Group ; however, reporting indicates a second distinct group, Axiom , also uses the malware.
The Linux variant is tracked separately under Winnti for Linux. Wiper is a family of destructive malware used in March during breaches of South Korean banks and media companies. X-Agent for Android is Android malware that was placed in a repackaged version of a Ukrainian artillery targeting application. The malware reportedly retrieved general location data on where the victim device was used, and therefore could likely indicate the potential location of Ukrainian artillery.
Xbash is a malware family that has targeted Linux and Microsoft Windows servers. The malware has been tied to the Iron Group, a threat actor group known for previous ransomware attacks. Xbot is an Android malware family that was observed in primarily targeting Android users in Russia and Australia.
XcodeGhost is iOS malware that infected at least 39 iOS apps in and potentially affected millions of users. XCSSET was first observed in August and has been used to install a backdoor component, modify browser applications, conduct collection, and provide ransomware-like encryption capabilities.
It has more recently been observed targeting South Korean users as a pornography application. It is tracked separately from the XLoader for iOS. It is tracked separately from the XLoader for Android. The components of the framework are written in a variety of programming languages.
NET, and Golang. No malicious functionality was identified in the app, but it presents security risks. Zeroaccess is a kernel-mode Rootkit that attempts to add victims to the ZeroAccess botnet, often for monetary gain. Zeus Panda is a Trojan designed to steal banking information and other sensitive credentials for exfiltration.
ZLib is a full-featured backdoor that was used as a second-stage implant by Dust Storm from to It is malware and should not be confused with the compression library from which its name is derived. ZxShell is a remote administration tool and backdoor that can be downloaded from the Internet, particularly from Chinese hacker websites. It has been used since at least
Tool - Commercial, open-source, built-in, or publicly available software that could be used by a defender, pen tester, red teamer, or an adversary.
This category includes both software that generally is not found on an enterprise system as well as software generally available as part of an operating system that is already present in an environment.
Malware - Commercial, custom closed source, or open source software intended to be used for malicious purposes by adversaries.
S AdFind AdFind is a free command-line query tool that can be used for gathering information from Active Directory. S Agent Smith Agent Smith is mobile malware that generates financial gain by replacing legitimate applications on devices with malicious versions that include fraudulent ads. S Agent. S Allwinner Allwinner is a company that supplies processors used in Android tablets and other devices. S Anubis Anubis is Android malware that was originally used for cyber espionage, and has been retooled as a banking trojan.
S AppleJeus AppleJeus is a family of downloaders initially discovered in embedded within trojanized cryptocurrency applications. S AppleSeed AppleSeed is a backdoor that has been used by Kimsuky to target South Korean government, academic, and commercial targets since at least S Aria-body Aria-body is a custom backdoor that has been used by Naikon since approximately S Arp arp.
S at at. S Attor Attor is a Windows-based espionage platform that has been seen in use since S Azorult Azorult is a commercial Trojan that is used to steal information from compromised hosts. S Backdoor. Oldrea Havex Backdoor. D Bad Rabbit is a self-propagating ransomware that affected the Ukrainian transportation sector in S BendyBear BendyBear is an x64 shellcode for a stage-zero implant designed to download malware from a C2 server.
S Briba Briba is a trojan used by Elderwood to open a backdoor and download files on to compromised hosts. S BS BS is malware that was used by Ke3chang in spearphishing campaigns since at least S Bundlore OSX. Bundlore Bundlore is adware written for macOS that has been in use since at least S Carbanak Anunak Carbanak is a full-featured, remote backdoor used by a group of the same name Carbanak.
S Carberp Carberp is a credential and information stealing malware that has been active since at least S Carbon Carbon is a sophisticated, second-stage backdoor and framework that can be used to steal sensitive information from victims. S CarbonSteal CarbonSteal is one of a family of four surveillanceware tools that share a common C2 infrastructure.
S Catchamas Catchamas is a Windows Trojan that steals information from compromised systems. S Cerberus Cerberus is a banking trojan whose usage can be rented on underground forums and marketplaces. S certutil certutil. S Chaes Chaes is a multistage information stealer written in several programming languages that collects login credentials, credit card numbers, and other financial information.
S China Chopper China Chopper is a Web Shell hosted on Web servers to provide access back into an enterprise network that does not rely on an infected system calling back to a remote command and control server. S Circles Circles reportedly takes advantage of Signaling System 7 SS7 weaknesses, the protocol suite used to route phone calls, to both track the location of mobile devices and intercept voice calls and SMS messages.
S Clop Clop is a ransomware family that was first observed in February and has been used against retail, transportation and logistics, education, manufacturing, engineering, automotive, energy, financial, aerospace, telecommunications, professional and legal services, healthcare, and high tech industries.
S cmd cmd. S Cobalt Strike Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors". S Comnie Comnie is a remote backdoor which has been used in attacks in East Asia. S CookieMiner CookieMiner is mac-based malware that targets information associated with cryptocurrency exchanges as well as enabling cryptocurrency mining on the victim system itself.
S Crutch Crutch is a backdoor designed for document theft that has been used by Turla since at least S Cuba Cuba is a Windows-based ransomware family that has been used against financial institutions, technology, and logistics organizations in North and South America as well as Europe since at least December S Dacls Dacls is a multi-platform remote access tool used by Lazarus Group since at least December S Desert Scorpion Desert Scorpion is surveillanceware that has targeted the Middle East, specifically individuals located in Palestine.
S Dok Retefe Dok is a Trojan application disguised as a. S DoubleAgent DoubleAgent is a family of RAT malware dating back to , known to target groups with contentious relationships with the Chinese government. S Downdelph Delphacy Downdelph is a first-stage downloader written in Delphi that has been used by APT28 in rare instances between and S DownPaper DownPaper is a backdoor Trojan; its main functionality is to download and run second stage malware. S Dridex Bugat v5 Dridex is a prolific banking Trojan that first appeared in S Drovorub Drovorub is a Linux malware toolset comprised of an agent, client, server, and kernel modules, that has been used by APT S dsquery dsquery.
S Dtrack Dtrack is spyware that was discovered in and has been used against Indian financial institutions, research facilities, and the Kudankulam Nuclear Power Plant. S Duqu Duqu is a malware platform that uses a modular approach to extend functionality after deployment within a target network. S Dvmap Dvmap is rooting malware that injects malicious code into system runtime libraries. S Empire EmPyre, PowerShell Empire Empire is an open source, cross-platform remote administration and post-exploitation framework that is publicly available on GitHub.
S esentutl esentutl. S eSurv eSurv is mobile surveillanceware designed for the lawful intercept market that was developed over the course of many years. S EvilGrab EvilGrab is a malware family with common reconnaissance capabilities. S Explosive Explosive is a custom-made remote access tool used by the group Volatile Cedar.
S Felismus Felismus is a modular backdoor that has been used by Sowbug. S Fgdump Fgdump is a Windows password hash dumper. S FinFisher FinSpy FinFisher is a government-grade commercial surveillance spyware reportedly sold exclusively to government agencies for use in targeted and lawful criminal investigations. S Flame Flamer, sKyWIper Flame is a sophisticated toolkit that has been used to collect information since at least , largely targeting Middle East countries.
S Forfiles Forfiles is a Windows utility commonly used in batch jobs to execute commands on one or more selected files or directories ex: list all directories in a drive, read the first line of all files created yesterday, etc. S FrozenCell FrozenCell is the mobile component of a family of surveillanceware, with a corresponding desktop component known as KasperAgent and Micropsia. S FruitFly FruitFly is designed to spy on mac users.
S FTP ftp. S Ginp Ginp is an Android banking trojan that has been used to target Spanish banks. S GoldenSpy GoldenSpy is a backdoor malware which has been packaged with legitimate tax preparation software. S Gooligan Ghost Push Gooligan is a malware family that runs privilege escalation exploits on Android devices and then uses its escalated privileges to steal authentication tokens that can be used to access data from many Google applications.
S Grandoreiro Grandoreiro is a banking trojan written in Delphi that was first observed in and uses a Malware-as-a-Service MaaS business model. S gsecdump gsecdump is a publicly-available credential dumper used to obtain password hashes and LSA secrets from Windows operating systems. S Gustuff Gustuff is mobile malware designed to steal users' banking and virtual currency credentials.
S Hancitor Chanitor Hancitor is a downloader that has been used by Pony and other information stealing malware. S Helminth Helminth is a backdoor that has at least two variants - one written in VBScript and PowerShell that is delivered via a macros in Excel spreadsheets, and one that is a standalone Windows executable.
S Hikit Hikit is malware that has been used by Axiom for late-stage persistence and exfiltration after the initial compromise. S Hildegard Hildegard is malware that targets misconfigured kubelets for initial access and runs cryptocurrency miner operations. S httpclient httpclient is malware used by Putter Panda. S HummingBad HummingBad is a family of Android malware that generates fraudulent advertising revenue and has the ability to obtain root access on older, vulnerable versions of Android.
S Hydraq Aurora, RAT Hydraq is a data-theft trojan first used by Elderwood in the Google intrusion known as Operation Aurora, though variations of this trojan have been used in more recent campaigns by other Chinese actors, possibly including APT S IcedID IcedID is a modular banking malware designed to steal financial information that has been observed in the wild since at least S Imminent Monitor Imminent Monitor was a commodity remote access tool RAT offered for sale from until , when an operation was conducted to take down the Imminent Monitor infrastructure.
S Impacket Impacket is an open source collection of modules written in Python for programmatically constructing and manipulating network protocols. S ipconfig ipconfig. S Ixeshe Ixeshe is a malware family that has been used since at least against targets in East Asia.
S Javali Javali is a banking trojan that has targeted Portuguese and Spanish-speaking countries since , primarily focusing on customers of financial institutions in Brazil and Mexico.
Maljava jRAT is a cross-platform, Java-based backdoor originally available for purchase in S Judy Judy is auto-clicking adware that was distributed through multiple apps in the Google Play Store. S Kazuar Kazuar is a fully featured, multi-platform backdoor Trojan written using the Microsoft. S Kerrdown Kerrdown is a custom downloader that has been used by APT32 since at least to install spyware from a server on the victim's network. S Kessel Kessel is an advanced version of OpenSSH which acts as a custom backdoor, mainly acting to steal credentials and function as a bot.
S KeyBoy KeyBoy is malware that has been used in targeted campaigns against members of the Tibetan Parliament in S Kinsing Kinsing is Golang-based malware that runs a cryptocurrency miner and attempts to spread itself to other hosts in the victim environment.
S Koadic Koadic is a Windows post-exploitation framework and penetration testing tool. S Kwampirs Kwampirs is a backdoor Trojan used by Orangeworm. S LaZagne LaZagne is a post-exploitation, open-source tool used to recover stored passwords on a system. S LightNeuron LightNeuron is a sophisticated backdoor that has targeted Microsoft Exchange servers since at least S Linfo Linfo is a rootkit trojan used by Elderwood to open a backdoor on compromised hosts.
S LockerGoga LockerGoga is ransomware that has been tied to various attacks on European companies. S Lokibot Lokibot is a widely distributed information stealer that was first reported in S LoudMiner LoudMiner is a cryptocurrency miner which uses virtualization software to siphon system resources. S Lslsass Lslsass is a publicly-available tool that can dump active logon session password hashes from the lsass process.
S Lucifer Lucifer is a crypto miner and DDoS hybrid malware that leverages well-known exploits to spread laterally on Windows platforms. S Lurid Enfal Lurid is a malware family that has been used by several groups, including PittyTiger , in targeted attacks as far back as S Machete Pyark Machete is a cyber espionage toolset used by Machete.
S MacSpy MacSpy is a malware-as-a-service offered on the darkweb. S MailSniper MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms passwords, insider intel, network architecture information, etc.
S Mandrake oxide, briar, ricinus, darkmatter Mandrake is a sophisticated Android espionage platform that has been active in the wild since at least S Marcher Marcher is Android malware that is used for financial fraud. S Metamorfo Casbaneiro Metamorfo is a Latin-American banking trojan operated by a Brazilian cybercrime group that has been active since at least April S Micropsia Micropsia is a remote access tool written in Delphi. S Mimikatz Mimikatz is a credential dumper capable of obtaining plaintext Windows account logins and passwords, along with many other features that make it useful for testing the security of networks.
S MimiPenguin MimiPenguin is a credential dumper, similar to Mimikatz , designed specifically for Linux platforms. S Misdat Misdat is a backdoor that was used by Dust Storm from to S Mivast Mivast is a backdoor that has been used by Deep Panda. S MoleNet MoleNet is a downloader tool with backdoor capabilities that has been observed in use since at least S Monokle Monokle is targeted, sophisticated mobile surveillanceware.
S Mosquito Mosquito is a Win32 backdoor that has been used by Turla. S Naid Naid is a trojan used by Elderwood to open a backdoor on compromised hosts. S NanoCore NanoCore is a modular remote access tool developed in. S NBTscan NBTscan is an open source tool that has been used by state groups to conduct internal reconnaissance within a compromised network. S nbtstat nbtstat. S Nebulae Nebulae is a backdoor that has been used by Naikon since at least S Nerex Nerex is a Trojan used by Elderwood to open a backdoor on compromised hosts.
S Net net. S Net Crawler NetC Net Crawler is an intranet worm capable of extracting credentials using credential dumpers and spreading to systems on a network over SMB by brute forcing accounts with recovered passwords and using PsExec to execute a copy of Net Crawler. S netstat netstat. S NetTraveler NetTraveler is malware that has been used in multiple cyber espionage campaigns for basic surveillance of victims.
S Netwalker Netwalker is fileless ransomware written in PowerShell and executed directly in memory. S Ngrok Ngrok is a legitimate reverse proxy tool that can create a secure tunnel to servers located behind firewalls or on local machines that do not have a public IP. S Nidiran Backdoor.
Nidiran Nidiran is a custom backdoor developed and used by Suckfly. S Nltest Nltest is a Windows command-line utility used to list domain controllers and enumerate domain trusts. S NotCompatible NotCompatible is an Android malware family that was used between at least and S Octopus Octopus is a Windows Trojan written in the Delphi programming language that has been used by Nomadic Octopus to target government organizations in Central Asia since at least S Okrum Okrum is a Windows backdoor that has been seen in use since December with strong links to Ke3chang.
D Backdoor. S Out1 Out1 is a remote access tool written in python and used by MuddyWater since at least S P.
Webshell Fobushell P. S Pallas Pallas is mobile surveillanceware that was custom-developed by Dark Caracal. S Pasam Pasam is a trojan used by Elderwood to open a backdoor on compromised hosts. S Pass-The-Hash Toolkit Pass-The-Hash Toolkit is a toolkit that allows an adversary to "pass" a password hash without knowing the original password to log in to systems.
S Penquin Penquin 2. S Peppy Peppy is a Python-based remote access Trojan, active since at least , with similarities to Crimson. S Pillowmint Pillowmint is a point-of-sale malware used by FIN7 designed to capture credit card information.
S Ping Ping Ping is an operating system utility commonly used to troubleshoot and verify network connections. S Pisloader Pisloader is a malware family that is notable due to its use of DNS as a C2 protocol as well as its use of anti-analysis tactics.
S pngdowner pngdowner is malware used by Putter Panda. S Pony Pony is a credential stealing malware, though has also been used among adversaries for its downloader capabilities. S PoshC2 PoshC2 is an open source remote administration and post-exploitation framework that is publicly available on GitHub. UAW Power Loader is modular code sold in the cybercrime market used as a downloader in malware families such as Carberp, Redyms and Gapz. S PowerShower PowerShower is a PowerShell backdoor used by Inception for initial reconnaissance and to download and execute second stage payloads.
S PowerSploit PowerSploit is an open source, offensive security framework comprised of PowerShell modules and scripts that perform a wide range of tasks related to penetration testing such as code execution, persistence, bypassing anti-virus, recon, and exfiltration.
S PowerStallion PowerStallion is a lightweight PowerShell backdoor used by Turla , possibly as a recovery access tool to install other backdoors. S Prikormka Prikormka is a malware family used in a campaign known as Operation Groundbait. S Proton Proton is a macOS backdoor focusing on data theft and credential access.
S PsExec PsExec is a free Microsoft tool that can be used to execute a program on another computer. S Pteranodon Pteranodon is a custom backdoor used by Gamaredon Group. S pwdump pwdump is a credential dumper. S Pysa Mespinoza Pysa is a ransomware that was first used in October and has been seen to target particularly high-value finance, government and healthcare organizations.
S Raindrop Raindrop is a loader used by APT29 that was discovered on some victim machines during investigations related to the SolarWinds cyber intrusion. S Ramsay Ramsay is an information stealing malware framework designed to collect and exfiltrate sensitive documents, including from air-gapped systems.
S RawDisk RawDisk is a legitimate commercial driver from the EldoS Corporation that is used for interacting with files, disks, and partitions. S Reaver Reaver is a malware family that has been in the wild since at least late S Red Alert 2.
S Reg reg. Utilities such as Reg are known to be used by persistent threats. S RegDuke RegDuke is a first stage implant written in. S Regin Regin is a malware platform that has targeted victims in a range of industries, including telecom, government, and financial institutions. S Remcos Remcos is a closed-source tool that is marketed as a remote control and surveillance software by a company called Breaking Security. S RemoteUtilities RemoteUtilities is a legitimate remote administration tool that has been used by MuddyWater since at least for execution on target machines.
S Remsec Backdoor. Remsec, ProjectSauron Remsec is a modular backdoor that has been used by Strider and appears to have been designed primarily for espionage purposes. S Riltok Riltok is banking malware that uses phishing popups to collect user credentials.
S RobbinHood RobbinHood is ransomware that was first observed being used in an attack against the Baltimore city government's computer network. S Rotexy Rotexy is an Android banking malware that has evolved over several years. S route route. S Rover Rover is malware suspected of being used for espionage purposes. S Ruler Ruler is a tool to abuse Microsoft Exchange services. S Ryuk Ryuk is a ransomware designed to target enterprise environments that has been used in attacks since at least S schtasks schtasks.
S SDelete SDelete is an application that securely deletes data in a way that makes it unrecoverable. S ServHelper ServHelper is a backdoor first observed in late S Seth-Locker Seth-Locker is a ransomware with some remote control capabilities that has been in use since at least S Shamoon Disttrack Shamoon is wiper malware that was first used by an Iranian group known as the "Cutting Sword of Justice" in S SharpStage SharpStage is a.
NET malware with backdoor capabilities. S ShimRat ShimRat has been used by the suspected China-based adversary Mofang in campaigns targeting multiple countries and sectors including government, military, critical infrastructure, automobile, and weapons development. S Sibot Sibot is dual-purpose malware written in VBScript designed to achieve persistence on a compromised system as well as download and execute additional payloads.
S SilkBean SilkBean is a piece of Android surveillanceware containing comprehensive remote access tool RAT functionality that has been used in targeting of the Uyghur ethnic group.
S Siloscape Siloscape is malware that targets Kubernetes clusters through Windows containers. S Skeleton Key Skeleton Key is malware used to inject false credentials into domain controllers with the intent of creating a backdoor password.
S Skidmap Skidmap is a kernel-mode rootkit used for cryptocurrency mining. S Skygofree Skygofree is Android spyware that is believed to have been developed in and used through at least S Sliver Sliver is an open source, cross-platform, red team command and control framework written in Golang. S Smoke Loader Dofoil Smoke Loader is a malicious bot application that can be used to load other malware. S Spark Spark is a Windows backdoor and has been in use since as early as S spwebmember spwebmember is a Microsoft SharePoint enumeration and data dumping tool written in.
S sqlmap sqlmap is an open source penetration testing tool that can be used to automate the process of detecting and exploiting SQL injection flaws. S Starloader Starloader is a loader component that has been observed loading Felismus and associated tools. S Stealth Mango Stealth Mango is Android malware that has reportedly been used to successfully compromise the mobile devices of government officials, members of the military, medical professionals, and civilians.
S Stuxnet W Stuxnet Stuxnet was the first publicly reported piece of malware to specifically target industrial control systems devices. S Sykipot Sykipot is malware that has been used in spearphishing campaigns since approximately against victims primarily in the US. S SYNful Knock SYNful Knock is a stealthy modification of the operating system of network devices that can be used to maintain persistence within a victim's network and provide new capabilities to the adversary.
S Sys10 Sys10 is a backdoor that was used throughout by Naikon. S Systeminfo Systeminfo Systeminfo is a Windows utility that can be used to gather detailed information about a computer. S T T is a backdoor that is a newer variant of the T malware family, also known as Plat1. S Taidoor Taidoor is a remote access trojan RAT that has been used by Chinese government cyber actors to maintain access on victim networks.
S TajMahal TajMahal is a multifunctional spying framework that has been in use since at least S Tasklist The Tasklist utility displays a list of applications and services with their Process IDs PID for all tasks running on either a local or a remote computer. S ThiefQuest MacRansom. K, EvilQuest ThiefQuest is a virus, data stealer, and wiper that presents itself as ransomware targeting macOS systems.
S Tor Tor is a software suite and network that provides increased anonymity on the Internet. S Triada Triada was first reported in as a second stage malware. S Trojan-SMS. S Trojan. Karagany xFrost, Karagany Trojan. Mebromi Trojan. S Twitoor Twitoor is a dropper application capable of receiving commands from social media. S Umbreon A Linux rootkit that provides backdoor access and hides from defenders.
S Unknown Logger Unknown Logger is a publicly released, free backdoor. S Uroburos Uroburos is a rootkit used by Turla. S Valak Valak is a multi-stage modular malware that can function as a standalone information stealer or downloader, first observed in targeting enterprises in the US and Germany.
S Vasport Vasport is a trojan used by Elderwood to open a backdoor on compromised hosts. S ViceLeaker Triout ViceLeaker is a spyware framework, capable of extensive surveillance and data exfiltration operations, primarily targeting devices belonging to Israeli citizens.
S Volgmer Volgmer is a backdoor Trojan designed to provide covert access to a compromised system. S Waterbear Waterbear is modular malware attributed to BlackTech that has been used primarily for lateral movement, decrypting, and triggering payloads and is capable of hiding network behaviors. S WellMess WellMess is lightweight malware family with variants written in. S Wevtutil Wevtutil is a Windows command-line utility that enables administrators to retrieve information about event logs and publishers.
S Wiarp Wiarp is a trojan used by Elderwood to open a backdoor on compromised hosts. S Winexe Winexe is a lightweight, open source tool similar to PsExec designed to allow system administrators to execute commands on remote servers. S Wingbird Wingbird is a backdoor that appears to be a version of commercial software FinFisher.
S Winnti for Linux Winnti for Linux is a trojan, seen since at least , designed specifically for targeting Linux systems.