Thanatos is the name of a new trojan discovered on the underground hacking market that strives to market itself as a ZeuS (banking trojan) alternative but also advertises its "malware killing" capabilities.
Discovered on March 6 by security firm Proofpoint, Thanatos (personification of Death in Greek mythology), also known as Alphabot, is a trojan that, when distributed to desired targets, can help its authors create a global-spanning botnet through which all sorts of malware modules can be pushed to its victims.
Thanatos' creators say their service is similar to ZeuS, but better. ZeuS is a now-defunct botnet that was active in 2014 and delivered mostly a banking trojan of the same name, and a few ransomware families in some rarer instances.
Thanatos is on sale on the Dark Web
According to an ad in an underground hacking forum, Thanatos works on all Windows versions, XP and onward, doesn't need admin privileges, can evade antivirus detection, is 32- and 64-bit friendly, and is written in C++, Masm, and Delphi, similarly to ZeuS (which, coincidentally, had its source code leaked).
The trojan's main functionality is its FormGrabber module, which can inject data inside the processes of popular Web browsers such as Internet Explorer (7-11), Firefox (all versions), Google Chrome (30+, except version 47) and even the newer Edge.
