ProtonBot is a hacking tool, which is gaining increasing popularity because of its low price. This Trojan loader can be acquired for just $50. Normally, Trojan loaders like the famous Smoke are sold for about $200 to $300 but do not offer very different capabilities to these of ProtonBot. Furthermore, the authors of ProtonBot have made sure to implement an easy to use interface so that even buyers with less experience would be able to navigate this hacking tool easily. The creators also provide technical support to the clients of ProtonBot. Having said all this, it is easy to see why ProtonBot is gaining traction in the hacking forums quickly.
Once ProtonBot lands on a system, it would scan it to find out if another copy of ProtonBot is already present on the PC. If the results are negative, ProtonBot will move on to set up a task, which would re-launch the threat every time the machine is rebooted. This is how ProtonBot gains persistence.
Two of the main features of ProtonBot are the ability to perform DDoS (Distributed-Denial-of-Service) attacks and the capability of acting as a clipboard modifier. The operator of ProtonBot could employ this Trojan loader to detect when a crypto-currency wallet's address is being copied by the victim and replace it with the crypto-currency wallet of the attacker without the user ever noticing. ProtonBot can detect wallets for Ethereum, Bitcoin, Dogecoin, Litecoin, Zcash and Dash.
ProtonBot is operated via the control panel, and it can perform a variety of tasks. This Trojan loader is able to remove itself from a system if necessary, and also update itself when scheduled. It can manipulate PowerShell and execute commands using it. ProtonBot is capable of loading Visual Basic scripts and Batch scripts. Alongside these features, this threat also can load HTML pages and change the wallpaper.
Cybersecurity experts have already detected several large campaigns where ProtonBot was employed. They involved the propagation of other threats such as RATs (Remote Access Trojans), Trojan crypto-currency miners and the Qulab Clipper mainly.
Dealing with ProtonBot can cost you dearly as this threat has quite the appetite for crypto-currencies. It is absolutely crucial to make sure you download and install a reputable anti-spyware suite and update it regularly.
Do You Suspect Your PC May Be Infected with ProtonBot & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like ProtonBot as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.