Quant Loader trojan downloader spotted in the wild


Forcepoint has come across a new trojan downloader called Quant Loader that has already been spotted distributing Locky Zepto crypto-ransomware and Pony malware.

Forcepoint noted in a blog that Quant Loader was first spotted on sale on several Russian marketplaces on September 1 and less than two weeks later was being used as part of an email campaign. The research firm called Quant Loader a “very basic trojan downloader” most likely developed by the Russian cybercrime gang known as “C++ GURU”, aka “CPPGURU”. The primary piece of evidence put forth connecting this gang to Quant Loader is that these bad guys also developed DDoS Madness System, which shares quite a bit of code with Quant Loader and behaves in a similar manner.

“This discredits the claim of Quant Loader being ‘developed from scratch’ as their advert states. In fact the code base is so similar that many anti-viruses already detect Quant Loader as ‘Pliskal’ or ‘Crugup’,” Forcepoint said.
