Xworm V31 Updated May 2026

Exfiltrates browser credentials, cookies, Wi-Fi keys, and Discord/Telegram tokens.

XWorm is a sophisticated Remote Access Trojan first identified in 2022. It is typically sold as a on darknet forums and Telegram. The v3.1 update marked a shift toward a more versatile, plugin-based system, allowing threat actors to customize the malware with over 35 distinct modules depending on their goals—be it data theft, surveillance, or ransomware deployment. Key Features & Capabilities xworm v31 updated

The v3.1 update focused heavily on and anti-analysis . Researchers have observed it using a multi-stage infection chain: Exfiltrates browser credentials