The KingOfHearts malware is a backdoor Trojan written in C++. Its development and usage are attributed to the group of criminals responsible for the SLOTHFULMEDIA RAT, which was reported in the first days of October 2020. The KingOfHearts malware, however, is by no means new. The earliest artifacts linked to its activity are from 2014, and it has undergone significant updates since then. The threat is spread with the assistance of spear-phishing emails containing corrupted Microsoft Office documents.
KingOfHearts's features are typical for a backdoor Trojan, and it does not shine with any spectacular functionality. It can:
- Execute remote commands.
- Access the file system, and modify, view, delete or create files.
- Download/upload files and folders.
- View and manage running processes.
- Capture screenshots.
The data collected by the KingOfHearts is transferred to a remote server via HTTP or HTTPS. Despite the lack of unique features, the KingOfHearts malware is certainly not to be underestimated. It has been able to cause significant damage over its five years of activity, and it is very likely that the backdoor Trojan is still active to this very day.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to KingOfHearts may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.