Name of Malware: SystemBC (Coroxy, DroxiDat)

Type of Malware: Proxy, Bot, Backdoor, RAT

Affected Operating Systems: Windows

Affected Device Types: PCs, laptops etc.

Impact: high

What is SystemBC?

SystemBC is a malware that can be used very flexibly. Its original main functionality was to provide the attacker with persistent access to an infected system and to make it available to them as a proxy server. SystemBC has now spread in multiple variants that offer additional functionalities, such as the exfiltration of data or the installation of further malware like, for example, ransomware.

How did I get infected with SystemBC?

SystemBC can enter a system through various infection paths, such as through phishing emails, by exploiting vulnerabilities, or through an attacker's prior intrusion into the victim's infrastructure.

What do I have to do now?

To remove SystemBC, it is recommended to scan the infected system with an antivirus program. Since the infection sometimes comes with additional malware, reinstallation of the operating system may be necessary

found under Removing infections from PCs, laptops etc.

Technical specifications

Further information on this malware can be found on the website of our project partner Fraunhofer FKIE.