Skip to content
MalwareWiki

Malware

DRIFTPIN

aka Toshliph · Spy.Agent.ORM

Driftpin is a small and simple backdoor that enables the attackers to assess the victim.

DRIFTPIN, also known as Toshliph, Spy.Agent.ORM, is a Windows malware family operated by Anunak.

Background

Driftpin is a compact, straightforward backdoor that lets operators evaluate a compromised host. Upon launch, the trojan reaches out to a C&C server and accepts commands to capture screenshots, list active processes, and gather details about the system along with the campaign ID.

Source: Malpedia (Fraunhofer FKIE).