The Smoke Loader botnet, publicly available since 2011, is still active on the black market — with more than 1,500 active samples detected in the past six months.

Smoke Loader’s continuing popularity on the black market speaks to its ongoing innovation, as the downloader was among the first to use “PROPagate” injection techniques to compromise Windows machines. And while the loader is often tapped as a crypto-mining delivery tool, it’s also a common delivery service for plugins, such as those designed to target browser data, steal form data or launch denial-of-service (DDoS) attacks.

source: https://securityintelligence.com/news/smoke-loader-botnet-still-active-on-black-market-after-8-years/

This is the most recent version of Smoke Loader with the panel and builder. The payload size is 14 KB, making it easy to use with an RCE or other exploits.



