Info Stealer

CryptBot

First seen: 2019-01 • Status: active

Currently Active Threat

CryptBot has been around for years, stealing cryptocurrency and passwords. It often hides in fake software downloads and is particularly dangerous for crypto users.

Overview

CryptBot is a persistent information stealer that has been active since 2019. It primarily targets cryptocurrency wallets and browser credentials.

Also Known As

Cryptbot Stealer

How It Spreads

  • Fake software downloads
  • Pirated software
  • Malicious websites

What It Does

  • Steals cryptocurrency wallets
  • Extracts browser data
  • Harvests clipboard data

Is your business exposed?

Target Platforms

Windows 7, Windows 10, Windows 11

Detection Tips

  • Monitor clipboard access patterns
  • Watch for crypto wallet file access

MITRE ATT&CK Techniques

T1555, T1115, T1005

If You're Infected

  1. 1.

    Full antivirus scan

  2. 2.

    Move cryptocurrency to secure wallets

Related Malware

Redline Stealer, Vidar Stealer

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices