BlotchyQuasar

Description

(IBM) BlotchyQuasar, which X-Force describes as a banking trojan because it contains a hardcoded list of banking applications, was developed on top of the QuasarRAT codebase. It is under active development and supports a wide range of custom commands. Some of the most interesting features include the installation of root certificates and proxy auto-config URLs, which may be used in conjunction with Google Chrome Kiosk mode to impersonate financial institutions.

Names

Name
BlotchyQuasar

Category

Malware

Type

  • Banking trojan
  • Backdoor
  • Info stealer
  • Credential stealer

Information

Other Information

Uuid

45f35d48-48a2-4bbf-831f-782f46d2d4d9

Last Card Change

2023-09-05