Atraps: What it is, how it steals data, and how to remove it


What it is

Atraps is a Windows trojan that slips onto a PC to steal sensitive data (logins, cookies, system info) and may rope the device into the ZeroAccess botnet. For behavior details and examples, see the Atraps threat guide.

What you may notice

  • New logins or MFA prompts you didn’t trigger

  • Unknown processes, services, or startup items

  • High network activity when idle; security tools crash or are disabled

How it gets in

  • Phishing attachments and fake installers

  • Cracked software and malvertising

  • Exploits against outdated Windows, browsers, or plugins

Remove it now (quick steps)

  1. Disconnect from the network; avoid banking or email logins

  2. Run a full anti-malware scan and reboot

  3. From a clean device, change passwords and enable MFA

  4. Review startup items/scheduled tasks; remove unknown entries

  5. Monitor accounts for unusual activity; consider notifying your bank
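
For step 4, a read-only PowerShell inventory makes unknown startup items and scheduled tasks easier to spot. This is an added example, not part of the original guide; the helper name Get-ExePath and the use of signature status as a sorting aid are assumptions of the example, not Atraps-specific indicators.

```powershell
# Added example: read-only inventory. Nothing is changed or deleted.

# Hypothetical helper: pull the program path out of a startup/task command line.
function Get-ExePath([string]$Command) {
    $c = [Environment]::ExpandEnvironmentVariables($Command)
    if ($c -match '^\s*"([^"]+)"') { return $Matches[1] }   # "C:\dir with spaces\app.exe" /args
    if ($c -match '^\s*(.+?\.(exe|com|bat|cmd|vbs|js|ps1))(\s|$)') { return $Matches[1] }
    return ($c.Trim() -split '\s+')[0]
}

# Startup items: Run/RunOnce registry values and Startup-folder shortcuts.
$startup = Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
    [pscustomobject]@{ Type = 'Startup'; Name = $_.Name; Command = $_.Command; Where = $_.Location }
}

# Scheduled tasks that are enabled and launch a program.
$tasks = Get-ScheduledTask | Where-Object { $_.State -ne 'Disabled' } | ForEach-Object {
    $task = $_
    foreach ($action in $task.Actions) {
        if ($action.Execute) {   # COM-handler actions have no Execute value and are skipped
            [pscustomobject]@{
                Type    = 'Task'
                Name    = $task.TaskName
                Command = "$($action.Execute) $($action.Arguments)".Trim()
                Where   = $task.TaskPath
            }
        }
    }
}

# Add the resolved file path and its Authenticode signature status to each entry.
$report = foreach ($entry in @($startup) + @($tasks)) {
    $path = Get-ExePath $entry.Command
    $sig  = if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
        (Get-AuthenticodeSignature -LiteralPath $path).Status
    } else {
        'NotResolved'            # bare names such as "cmd.exe", or files that no longer exist
    }
    $entry | Add-Member -NotePropertyMembers @{ Path = $path; Signature = $sig } -PassThru
}

# Entries without a valid signature are listed first for manual review.
$report | Sort-Object { $_.Signature -eq 'Valid' }, Type, Name |
    Format-Table Type, Name, Signature, Path, Where -AutoSize -Wrap
```

A valid signature does not prove an entry is benign, and an unsigned one is not proof of infection; treat the output as a review queue for entries you cannot account for.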

Prevent it

  • Install software only from official sources

  • Keep Windows, browsers, and plugins updated

  • Block macros by default; be cautious with archives and links

  • Use a password manager + unique passwords + MFA
