LokiBot: All You Need to Know About This Info Stealer

March 9, 2021
icon
icon
icon

First rearing its ugly head in 2015, six years later, LokiBot malware is still a favorite tool of cyber criminals who use it to steal sensitive information. Indeed, not only is it a favorite of cyber criminals but according to the Cybersecurity and Infrastructure Security Agency (CISA), there’s also been a pronounced uptick in its use since July 2020. LokiBot is also known as  Loki PWS, Loki bot, and Loki-bot, but whatever you call it, this is a bad bot.

What exactly is LokiBot? 

Loki-Bot is a type of Trojan malware spread via spam emails, malicious attachments, malicious websites, or by exploiting software vulnerabilities.  One of the most recent versions of LokiBot attempts to infect its targets by impersonating the Epic Games launcher used for Fortnite, an online video game.  Researchers believe that phishing emails, complete with a legitimate-looking Epic Games logo, are used to distribute the fake launcher.

What happens when you’ve been infected?

Regardless of the method used to deliver it, LokiBot is one of today’s most dangerous and widespread malware.  LokiBot malware analysis has shown that LokiBot employs a keylogger to monitor its victim’s desktop and browser activity so hackers can capture usernames, passwords, bank information, contents of cryptocurrency wallets, and other personal data. It is also capable of disabling notifications, intercepting communications, and acting as a backdoor for installing additional payloads and performing other malicious actions. Furthermore, the latest version of LokiBot now has more layers of encryption, which makes it better at avoiding detection. 

But it’s not invincible

Because it is simple for them to implement, yet also highly effective at inflicting damage, LokiBot is a popular malware tool for cyber criminals, including those who are new to cyber crime or have relatively few technical skills. It can easily be purchased on underground forums too, which is another reason for its popularity. In fact, it’s so popular, you can even find setup videos publicly available on YouTube. Thankfully, however, LokiBot is far from invincible. There are highly effective, easy-to-implement defensive measures too that users can take to protect themselves.

Be mindful. Exercise caution when opening or downloading documents or attachments from an unknown source; don’t open or download any document unless you are certain it came from a source that is reliable and trustworthy. And even then, confirm with the source that the file is safe before you open it. Sometimes those trustworthy sources were unknowingly infected with malware that sends out fake emails. 

Use an antivirus. It’s probably safe to assume you have door locks installed on your home to keep out intruders. Similarly, you need to be just as vigilant when it comes to your electronic devices. Not installing an antivirus on your computer or laptop is akin to not having a lock on your front door; while once upon a time we could have left home without locking our front door, we can’t do that any longer. The same is true for your computers; you need antivirus protection to keep out the cyber criminals. Look for an antivirus with anti-phishing protection and a malicious website blocker to help protect you from dangerous emails and websites.

Stay patched!  One of the biggest and most common mistakes users make is to forget or disregard the reminders to update their software. Operating systems, browsers, and other types of software will frequently send out patches to vulnerabilities in their software. And while most reputable antivirus packages automatically update with the latest virus database, the point is the same: don’t ignore those software updates. They could be what protects you from a LokiBot attack. Next time you think about skipping or delaying that patch, remember this:  60% of breaches involved a software vulnerability for which a patch was available but just wasn’t applied.

On the lookout for LokiBot

Given the evolving power of LokiBot, its easy accessibility and implementation, and the huge payoff it delivers once it has reached its target, all indications are that LokiBot will remain a threat for some time to come. Fortunately, you can protect yourself: Be on the lookout for LokiBot by avoiding suspicious documents, keep your software updated, and install a modern antivirus that can protect you from phishing attacks and malicious websites.

Tags: Computer Viruses, Cybersecurity Threats, Malware, Security for Growing Businesses
icon
icon
icon

Must-Read Articles

01.
What Is The Best Antivirus For HP Laptop Users?
02.
Do You Know How To Scan Zip Files For Viruses And Zip Bombs?
03.
Tired of Being Tracked? How to Stop Being Tracked Online
04.
How Can Hackers Steal Your Social Security Number?
05.
“I Got Scammed On Instagram!” How To Detect An Instagram Scam
06.
Cash App Scams & Fraud: How Can I Protect Myself?
07.
Top Tips For How To Remove Hard Inquiries From Credit Report
08.
"I Got Scammed!" - Does PayPal Refund Money If Scammed?
09.
What Antivirus Does Google Use? Why You Shouldn't Just Rely On Google Virus Protection
10.
Has My Email Been Compromised? 5 Signs It's Been Hacked

Recent Articles

How to Recognize Fake ChatGPT & Fake Domains
What is Web Server Security? Best Secure Practices To Employ
Scams On Facebook Marketplace and How to Safely Sell Online

Discover more

Women in Cybersecurity: Changing The Face of Cyber
5 Things Small Businesses Must Do To Protect Themselves From Hackers
Love in the Time of Cybersecurity
Data Privacy Day: Staying Safe Online Post COVID-19
2020’s Most Notorious Cyber Attacks: SolarWinds and More
Ransomware Makes Use of Common Vulnerabilities
footer logo
+1 (989) 300-0998support@reasonlabs.com
Company
arrow
Who We AreWhy ReasonLabs?PlatformEventsIndustry RecognitionCareers
Resources
arrow
BlogLabsCyberpediaReportsNewsFAQ’s
Products
arrow
RAV Endpoint ProtectionSafer Web DNS FilteringRAV VPNRAV Managed EDROnline SecurityFamilyKeeper
© 2023 Reason Cybersecurity Ltd.
Product PoliciesPrivacy PolicyTerms & Conditions