1. Zeus (Zbot)
Zeus is one of the most notorious trojans that emerged in the mid-2000s. It primarily targets Windows-based systems and has been widely used for financial fraud and stealing banking credentials.
Features: Zeus is known for its advanced capabilities, such as keylogging, form grabbing (capturing data from web forms), and creating a backdoor on infected systems. It can also inject malicious code into legitimate processes and bypass antivirus detection.
SpyEye is a sophisticated trojan that evolved from the Zeus source code. It primarily targets Windows systems and is commonly used for banking fraud and information theft.
Features: SpyEye shares many features with Zeus, including keylogging, form grabbing, and browser manipulation. Additionally, it can inject malicious HTML code into banking websites to trick users into providing sensitive information.
Carberp is a banking trojan that emerged in 2010. It primarily targeted financial institutions in Russia and Ukraine, but it also affected other regions.
Features: Carberp has features like keylogging, form grabbing, and screen capturing. It can also modify online banking pages in real-time to trick users into providing their credentials. Carberp had a modular architecture, allowing attackers to extend its functionality.
Emotet is a versatile trojan that has been active since 2014. It is primarily distributed through spam emails and infected documents, often used as a delivery mechanism for other malware.
Features: Emotet is known for its worm-like capabilities, allowing it to spread laterally across a network. It has the ability to steal email credentials, propagate through email contacts, and download and execute additional payloads. Emotet has been associated with various criminal activities, including data theft and ransomware attacks.
DarkComet is a remote access trojan (RAT) developed by an independent programmer. It gained popularity among cybercriminals due to its availability and relatively easy-to-use interface.
Features: DarkComet provides various remote control functionalities, such as keylogging, screen capture, file transfer, webcam and microphone control, and more. It allows attackers to take full control of an infected system and monitor user activities.
It's important to note that the popularity and prevalence of specific trojans can change over time as new threats emerge and cybersecurity measures evolve.