Kronos (malware)

Kronos was a type of banking Windows malware first reported in 2014.

History

It was developed as a followup to the UPAS Kit which has been released in 2012.^[1] It was sold for $7,000.^[2]

Similar to Zeus,^[3] it was focused on stealing banking login credentials from browser sessions via a combination of keylogging and web injection.^[4] In 2015, its attacks were focused on British banks.^[2][1]

In August 2017, British security researcher Marcus Hutchins (aka 'MalwareTech'), previously notable for his involvement stopping the May 2017 WannaCry ransomware attack,^[5] was arrested by the FBI whilst visiting the United States.^[6] He was alleged to have created the software in 2014, and to have sold it in 2015 via the AlphaBay forums.^[7][8] Hutchins later admitted to being paid to work on Kronos and its predecessor UPAS Kit (named after the toxic Upas tree) as the main developer between 2011 and spring 2015.^[1]