Trojan
Vawtrak
First seen: 2013-01 • Status: active
Currently Active Threat
Vawtrak is a banking virus that targets hundreds of banks. It is very good at hiding from antivirus software.
Overview
Vawtrak is a banking trojan known for its sophisticated evasion techniques and wide targeting of financial institutions.
Also Known As
Neverquest, Snifula
How It Spreads
- • Malspam
- • Exploit kits
- • Malvertising
What It Does
- • Banking credential theft
- • Web injection
- • Video recording
- • Remote access
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for banking site anomalies
- • Watch for Vawtrak IOCs
MITRE ATT&CK Techniques
T1185, T1056, T1125
If You're Infected
- 1.
Contact affected banks
- 2.
Full system remediation
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required