Click on screenshot to zoom
Danger level 6
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Normal system programs crash immediatelly
  • Connects to the internet without permission
  • Can't be uninstalled via Control Panel

Purple Fox

Purple Fox is a malicious application that downloads malware on its infected systems. Researchers say that it travels with a particular exploit kit, which means it might sneak in if a victim’s computer has specific vulnerabilities. If you want to know how capable this threat might be and what kind of malicious applications it could drop on a device, we encourage you to read the rest of our article. It is essential to mention that dealing with such a Trojan manually could be challenging and risky. Therefore, specialists recommend users who may come across this malware to erase Purple Fox with a reliable antimalware tool or help of cybersecurity experts instead of dealing with it on their own. In case you have any questions about this threat, feel free to leave us a comment below.

As explained earlier, Purple Fox enters a system with the help of a particular exploit kit that is called the Rig exploit kit. Exploit kits misuse vulnerabilities in their attacked systems to distribute malware or for other malicious purposes. The Rig exploit kit is known to be used for distributing threats like Trojans, ransomware, cryptocurrency miners, data stealers, and malicious applications alike. Knowing that it can get in and drop malware on a system by exploiting various weaknesses, it is vital to make sure that your computer does not have any exploitable vulnerabilities if you want to protect it from such attacks. To ensure this, our researchers advise keeping your operating system and other software that is installed on your device up to date. Also, it would be smart to use strong passwords and secure your device’s Remote Desktop Protocol (RDP) connections. Of course, keeping a reliable antimalware tool that could recognize various threats could strengthen your system and help you stay away from malicious applications too.

According to the 360 Total Security Blog, Purple Fox infected more than 30 thousand users last year. Since the malware is still being spread in 2019 too, the amount of its victims is likely to be much bigger right now. However, Trend Micro specialists who researched this threat in detail say that the new variant has new capabilities. To be more precise, it is said that the Trojan is now capable of fileless infection. It means the threat does not need to download any files to settle in or to perform its tasks. Instead, it abuses tools like PowerShell that are already available on a system. Specialists say that such malware is extremely dangerous because detecting it on a device could be very difficult. Meaning, a threat like Purple Fox might stay for a while on a computer, and a user may not notice anything. While it stays on a device, the Trojan might download and install various threats on it, which could be detected, but a user might still not understand how they entered his system.

Furthermore, it was noticed that, usually, Purple Fox installs cryptocurrency miners, although it can drop other threats too. Cryptocurrency miners are applications that use computer resources to mine cryptocurrencies like Bitcoins. In a case such software is used on a computer without its user’s knowledge or permission, the cryptocurrency miner installed on it is considered to be malicious. Another thing you should know about these tools is that they can speed up your computer’s wear since it might use a lot of its resources like CPU. Unlike with Purple Fox or Trojans alike, users might notice their machines are working slower than usual, which might raise suspicion that there could be a cryptocurrency miner on a system.

One of the things that cybersecurity specialists recommend to protect devices from malicious applications like Purple Fox is to keep their operating systems up to date. Research shows that the Rig exploit kit we mentioned earlier, can exploit known vulnerabilities. Thus, you should never put updating your operating system or patching its weaknesses off if you do not want to risk your computer’s safety. Also, since exploit kits might be spread through unreliable websites and advertisements, it is recommendable to avoid such content. If computers you want to protect from Purple Fox and threats alike belong to a company, it is essential to educate its employees so they would not interact with suspicious data that could be carrying exploit kits or other malware. Plus, it might be useful to have specialists who could check the company’s systems for vulnerabilities and provide solutions on how to strengthen it.


Johnlery Triunfante and Earle Earnshaw. September 9, 2019. ‘Purple Fox’ Fileless Malware with Rookit Component Delivered by Rig Exploit Kit Now Abuses PowerShell. Trend Micro.

Elley. September 25, 2018. Purple Fox Trojan burst out globally and infected more than 30,000 users. 360 Total Security Blog.

Download Spyware Removal Tool to Remove* Purple Fox
  • Quick & tested solution for Purple Fox removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.