A common malware called Lumma is made to steal private data. Since 2022, it has been freely offered for sale on the Dark Web. A malicious program called XWorm allows hackers to take remote control of compromised computers.

Another remote access trojan on the list is called AsyncRAT. It has the ability to covertly record a victim's screen activity, log keystrokes, install more malware, steal files, remain active on compromised systems, turn off security software, and initiate attacks that overwhelm targeted websites. It was also among the first malware families to be disseminated as a component of intricate attacks using AI-generated scripts.

With ANYRUN's cloud-based sandbox, Lumma infection can be avoided. You can successfully avoid LumMA infection by proactively analyzing dubious files and URLs in a sandbox environment. Let's see how ANY.RUN's cloud-based sandbox can help.

The makers of the malware Remcos Remcos have advertised it as a trustworthy remote access tool. Windows devices are the main target of the ransomware LockBit LockBit. The decentralized nature of the LockBit group has allowed it to compromise numerous high-profile organizations worldwide, including the UK's Royal Mail and India's National Aerospace Laboratories (in

2024).

Law enforcement agencies have taken steps to combat the Lock Bit group, leading to the arrest of several developers and partners. Despite these efforts, the group continues to operate, with plans to release a new version, LockBit

4.0, in 2025.

See how quickly LockBit infects and encrypts files on a system in this sandbox session. We can see that it changed 300 files in less than a minute by monitoring file system changes. Additionally, a ransom note containing instructions for recovering the data is dropped by the malware.