Name of Malware: Amadey

Type of Malware: dropper, info stealer

Affected Operating Systems: Windows

Affected Device Types: PCs, laptops etc.

Impact: high

What is Amadey?

Amadey steals data from infected systems and exfiltrates screenshots in regular intervals. Additionally, Amadey is able to redirect cryptocurrency transactions by replacing the target address in the clipboard. After infection, the bot can also drop other malware.

How did I get infected with Amadey?

Amadey is mostly being distributed via phishing. Here, the user is tricked into installing Amadey, posing as a legitimate application. Additionally, Amadey is being dropped by other malware.

What do I have to do now?

To remove Amadey, it is recommended to scan the infected system with an Antivirus solution. Amadey tries to make this difficult by disabling Windows Defender. As Amadey often exposes the infected system to other malware, a reinstallation of the operating system may be necessary

Further information can be found under Removing infections from PCs, laptops etc.