ShellCodeX
ShellCodeX Intelligence Brief
HIGH Cybersecurity

CryptoBandits malware adds backdoor capability and routes via Tor

Source headline: CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

Threat level: High
Signal strength: 75/100
Source confidence: 1 source
Published: 3 hours ago

Intelligence Summary

CryptoBandits is a malware family that combines cryptocurrency theft with remote access features: after initial execution it can function as a backdoor. It routes its traffic through a local SOCKS5 proxy and uses Tor to obscure the origin and destination of its communications. This makes detection and takedown harder, so defenders should hunt for backdoor behavior and suspicious proxy or Tor usage.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#malware #backdoor #tor #cryptobandits #proxy #socks5
Original reporting: SecurityWeek, "CryptoBandits Malware Doubles as a Backdoor, Abuses Tor"