Info Stealer

LokiBot

First seen: 2015-01 • Status: active

Currently Active Threat

LokiBot steals passwords from over 100 applications including browsers and email clients.

Overview

LokiBot is a commodity stealer that targets passwords from browsers and applications.

Also Known As

Loki PWS, Loki Bot

How It Spreads

  • Phishing emails
  • Malicious documents
  • Fake software

What It Does

  • Password theft
  • Browser credential stealing
  • Cryptocurrency wallet theft

Is your business exposed?

Target Platforms

Windows, Android

Detection Tips

  • Monitor for credential access
  • Detect data exfiltration

MITRE ATT&CK Techniques

T1566, T1555, T1539

If You're Infected

  1. 1.

    Reset all stolen credentials

Related Malware

Redline Stealer, Agent Tesla

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices