LO$R Logger v2: Logging the Road to Mastery

[Sebastian85 DF Member Posts:32 Threads:26 Reputation 0]

What is LO$R Logger v2?​LO$R Logger (short for Loki Password Stealer & Recorder) is a banking trojan and keylogger that first emerged in underground cybercrime forums. The v2 version represents a major upgrade, featuring:
 

• Enhanced credential theft (banking logins, credit cards, crypto wallets)
  
• Advanced evasion techniques (anti-VM, anti-sandbox, code obfuscation)
  
• Modular plugin system (allowing attackers to add new features)
  

Key Features of LO$R Logger v2​1. Banking & Financial Data Theft​

• Web injects
  
• Form grabbing
  
• Credit card harvesting
  
• Cryptocurrency theft
  

2. Keylogging & Screen Capture​

• Records keystrokes
  
• Takes screenshots
  
• Webcam hijacking
  

3. Anti-Detection & Evasion Techniques​

• Polymorphic code – Changes its signature to avoid AV detection.
  
• Process injection – Runs inside legitimate processes (e.g., explorer.exe).
  
• Virtual Machine (VM) evasion – Detects sandbox environments and shuts down.
  
• Rootkit functionality – Hides files, registry keys, and network activity.
  

4. C2 (Command & Control) Communication​

• Tor-based C2 servers
  
• Encrypted exfiltration
  
• Telegram bot integration
  

5. Persistence Mechanisms​

• Registry autorun keys
  
• DLL sideloading
  
• Task scheduler abuse
  

4 Share
Mega-NZ
Mirrored
Media Fire