THREATNOIR
Subscribe
Back to Feed
MalwareApr 30, 2026

1/2⚠️ A commodity remote access trojan called Scorpio hVNC is being sold as a subscription servic...

Scorpio hVNC remote access trojan sold as subscription service with credential theft and crypto stealing.

Read at source

Summary

Scorpio hVNC, a commodity remote access trojan (RAT), is being actively marketed and sold as a subscription-based service. The malware includes built-in capabilities for credential theft, cryptocurrency wallet stealing, and live keylogging. The threat actor behind its distribution is tracked as TR/Dropper.Gen5.

Indicators of Compromise

  • malware — Scorpio hVNC
  • malware — TR/Dropper.Gen5

Entities

TR/Dropper.Gen5 (threat_actor)