For those of us "mourning" the anticipated departure of Nuclear Grabber's trojan in late 2006, we turned out to be a little too eager to bury the “corpse”.

www.corpsespyware.net / www.prodexteam.com: Corpse’s official sites back in 2005-07:

Nuclear Grabber (earlier, a311 Death), better known publicly as either Haxdoor (for both) or Goldun (certain variants of Nuclear Grabber are classified as such by several antivirus editors), formed one of the best-selling banking malware kits available in the Russian-speaking carding community back in 2004-2006. The malware was sold directly by its developer, Corpse, for under $3,000 – quite a fair price for such a polyvalent specialized malware specimen.

Corpse offering his A311 on one of the Russian-speaking forums in 2005:

The malware ceased its official existence following the announcement in late 2006 by its creator, Corpse, that he would leave the carding scene. Thus, no new official versions of Nuclear Grabber were apparently released by Corpse after December 2006.

However, the story has taken a rather curious turn recently as one of the underground malware developers known as Shine has acquired the rights to Nuclear Grabber’s code from Corpse himself.

According to "Shine", Corpse’s code was remodelled to give birth to a new banking malware under the name "Adrenaline". Curiously, this masm32-written malware is now being sold at exactly the same price as Nuclear Grabber: $3,000. The code sale announcement was later confirmed by Corpse himself, provoking a wave of discontent on the forums since Corpse had previously announced that all Nuclear Grabber's code was lost in a fire accident.


Official Adrenaline thread by its developer, Shine on one of the carding forums:

Judging by the feedback received from the carding community, the malware has not yet attained the reliability and functionality level of its predecessor. However, Adrenaline's trojan was first introduced to the market in July 2008 and it usually takes about a year or so for a malware of that type to gain the customers' trust.

Corpse confirming the validity of Nuclear Grabber’s code transfer: