Kronos was a type of banking Windows malware first reported in 2014.
It was developed as a followup to the UPAS Kit which has been released in 2012. [1] It was sold for $7,000. [2]
Similar to Zeus, [3] it was focused on stealing banking login credentials from browser sessions via a combination of keylogging and web injection. [4] In 2015, its attacks were focused on British banks. [2] [1]
In August 2017, British security researcher Marcus Hutchins (aka 'MalwareTech'), previously notable for his involvement stopping the May 2017 WannaCry ransomware attack, [5] was arrested by the FBI whilst visiting the United States. [6] He was alleged to have created the software in 2014, and to have sold it in 2015 via the AlphaBay forums. [7] [8] Hutchins later admitted to being paid to work on Kronos and its predecessor UPAS Kit (named after the toxic Upas tree) as the main developer between 2011 and spring 2015. [1]