PLAYFULGHOST is a new malware family with multiple features including keylogging, screen and audio capture, remote shell access, and file transfer/execution.
The PLAYFULGHOST backdoor is distributed through phishing emails and through SEO poisoning that steers victims to downloads of popular applications, such as LetsVPN, that have been bundled with the backdoor.
It uses DLL search order hijacking and side-loading to execute malicious DLLs, and is deployed alongside additional malware families and utilities such as BOOSTWAVE and TERMINATOR.
PLAYFULGHOST maintains persistence through Run registry keys, scheduled tasks, the Startup folder, and Windows services.
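As an added example, not code from the original report: a PowerShell hunt over the four persistence locations named above, flagging entries whose launched binary is unsigned or missing on disk. It assumes an elevated PowerShell 5.1+ session on the host under review; the function names are my own.

```powershell
# Added hunt script, not from the original report: enumerate the four persistence
# locations named above and flag entries whose launched binary is unsigned or missing.
# Assumption: elevated PowerShell 5.1+ session on the host under review.
function Get-ExecutablePath([string]$CommandLine) {
    # First token of a command line, quoted or bare, with %VAR% expansion.
    # Bare paths containing spaces are mis-split and will show up as "missing".
    if ([string]::IsNullOrWhiteSpace($CommandLine)) { return $null }
    $exe = if ($CommandLine.StartsWith('"')) { $CommandLine.Split('"')[1] } else { $CommandLine.Split(' ')[0] }
    return [Environment]::ExpandEnvironmentVariables($exe)
}
function Test-Suspicious([string]$Path) {
    # A launcher pointing at a file that is gone is worth a look too, so treat missing as suspicious.
    if (-not $Path -or -not (Test-Path -LiteralPath $Path)) { return $true }
    return (Get-AuthenticodeSignature -LiteralPath $Path).Status -ne 'Valid'
}
$findings = [System.Collections.Generic.List[object]]::new()
# 1. Run keys, machine-wide and per-user
foreach ($key in 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run', 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run') {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($p.Name -notmatch '^PS') {   # skip PSPath/PSParentPath/PSProvider metadata
            $findings.Add([pscustomobject]@{ Source = 'RunKey'; Name = "$key\$($p.Name)"; Command = $p.Value })
        }
    }
}
# 2. Scheduled tasks: only actions that launch a program (COM handler actions have no Execute)
foreach ($task in Get-ScheduledTask) {
    foreach ($a in $task.Actions) {
        if ($a.Execute) {
            $findings.Add([pscustomobject]@{ Source = 'ScheduledTask'; Name = $task.TaskName; Command = "$($a.Execute) $($a.Arguments)" })
        }
    }
}
# 3. Startup folders, per-user and all-users
foreach ($dir in [Environment]::GetFolderPath('Startup'), [Environment]::GetFolderPath('CommonStartup')) {
    foreach ($f in Get-ChildItem -LiteralPath $dir -File -ErrorAction SilentlyContinue) {
        $findings.Add([pscustomobject]@{ Source = 'StartupFolder'; Name = $f.Name; Command = $f.FullName })
    }
}
# 4. Services
foreach ($svc in Get-CimInstance Win32_Service) {
    $findings.Add([pscustomobject]@{ Source = 'Service'; Name = $svc.Name; Command = $svc.PathName })
}
# Report only entries whose target binary is unsigned or missing; review the rest manually.
$findings | ForEach-Object {
    $exe = Get-ExecutablePath $_.Command
    if (Test-Suspicious $exe) { $_ | Add-Member -NotePropertyName Exe -NotePropertyValue $exe -PassThru }
} | Format-Table -AutoSize -Wrap
```

Because the side-loading technique described above launches a legitimately signed executable that then loads a malicious DLL, this check only surfaces the persistence entry when the launcher itself is unsigned or missing; DLLs sitting next to an unexpected launcher still need separate review.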