Proteus is a trojan on Microsoft Windows.


The trojan arrives as a Google Chrome executable. When run, it drops a copy of itself in the %AppData% folder and executes the copy, the trojan contacts a command-and-control server and sends information of the infected machine (username, current version of the operating system). The trojan verifies with the server during runtime to determine which miner to use for mining digital currency such as Bitcoin, and also installs a keylogger.