What kind of malware should be searched for if passwords of a compromised user's account are being used by attackers?

A keylogger is a type of malware specifically designed to record keystrokes made by a user on their keyboard. This can include capturing usernames, passwords, and other sensitive information as they are entered. If the passwords of a compromised user's account are being used by attackers, it suggests that the attackers have obtained those credentials, likely through the use of a keylogger. Keyloggers operate stealthily in the background, making them particularly effective at compromising security without the user's knowledge.

Other types of malware do not primarily focus on this kind of operation. For example, worms typically spread across networks by exploiting vulnerabilities, rather than capturing user input. Trojans often disguise themselves as legitimate software but do not inherently focus on recording keystrokes. Adware is primarily associated with displaying unwanted advertisements and does not usually engage in the systematic capture of sensitive information like passwords. Therefore, a keylogger is the most relevant type of malware in this context, as it directly addresses the situation of compromised account credentials being used by attackers.