Kronos (malware)

Kronos was a type of banking Windows malware first reported in 2014. It was sold for $7,000.

It was developed as a followup to the UPAS Kit which has been released in 2012.

Similar to Zeus, it was focused on stealing banking login credentials from browser sessions via a combination of keylogging and web injection. In 2015, its attacks were focused on British banks.

In August 2017, British security researcher Marcus Hutchins (aka 'MalwareTech'), previously notable for his involvement stopping the May 2017 WannaCry ransomware attack, was arrested by the FBI whilst visiting the United States. He was alleged to have created the software in 2014, and to have sold it in 2015 via the AlphaBay forums. Hutchins later admitted to being paid to work on Kronos and its predecessor UPAS Kit (named after the toxic Upas tree) as the main developer between 2011 and spring 2015.