Admin.HLP is a new Trojan that monitors keystrokes on the victim's computer it is installed on, therefore able to collect sensitive information such as credit card numbers, usernames, passwords and etc. Once this information is collected, the Trojan sends it to the attacker's server over an encrypted, secured HTTPS connection.

Admin.HLP Trojan hides itself in a Windows help file called Amministrazione.hlp. Once the user opens the help file it triggers the Trojan which starts collecting keystrokes. The Admin.HLP Trojan is persistent and invoked again every time the victim's computer is restarted.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center