Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 14:36:13 UTC
Home > List all groups > List all tools > List all groups using tool CREDRIVER
 Tool: CREDRIVER
Names CREDRIVER
Category Malware
Type Reconnaissance, Backdoor, Credential stealer, Keylogger, Info stealer, Exfiltration
Description
(Rapid7) This backdoor has several features including:
1. Steal credentials from Internet Explorer
2. Steal credentials from Mozilla Firefox
3. Install a keylogger for intercepting credentials on Google Chrome
4. Operate in an interactive mode to allow the attacker to perform additional investigation on
the compromised system and exfiltrate data.
Information Last change to this tool card: 20 April 2020
Download this tool card in JSON format
All groups using tool CREDRIVER
Changed Name Country Observed
APT groups
 Tropic Trooper, Pirate Panda, APT 23, KeyBoy 2011-Jun 2023
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=065b3682-0730-4c0c-a11a-a1c57ced10f1
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=065b3682-0730-4c0c-a11a-a1c57ced10f1
Page 1 of 1