What is LO$R Logger v2?
LO$R Logger (short for Loki Password Stealer & Recorder) is a banking trojan and keylogger that first emerged in underground cybercrime forums. The v2 version represents a major upgrade, featuring:
- Enhanced credential theft (banking logins, credit cards, crypto wallets)
- Advanced evasion techniques (anti-VM, anti-sandbox, code obfuscation)
- Modular plugin system (allowing attackers to add new features)
Key Features of LO$R Logger v2
1. Banking & Financial Data Theft
- Web injects
- Form grabbing
- Credit card harvesting
- Cryptocurrency theft
2. Keylogging & Screen Capture
- Records keystrokes
- Takes screenshots
- Webcam hijacking
3. Anti-Detection & Evasion Techniques
- Polymorphic code – Changes its signature to avoid AV detection.
- Process injection – Runs inside legitimate processes (e.g., explorer.exe).
- Virtual Machine (VM) evasion – Detects sandbox environments and shuts down.
- Rootkit functionality – Hides files, registry keys, and network activity.
4. C2 (Command & Control) Communication
- Tor-based C2 servers
- Encrypted exfiltration
- Telegram bot integration
5. Persistence Mechanisms
- Registry autorun keys
- DLL sideloading
- Task scheduler abuse