BazarLoader is a trojan with backdoor and loader functions used by TrickBot botnet operators to bypass security solutions and increase the effectiveness of malicious campaigns to infect systems against the background of frequent TrickBot detections.

It is actively used to download the Conti ransomware program to infected systems, previously downloaded the Ryuk trojan.

The BazarLoader trojan was first discovered in April 2020.