Trickbot module descriptions

Trickbot (aka TrickLoader or Trickster), is a successor of the Dyre banking Trojan that was active from 2014 to 2016 and performed man-in-the-browser attacks in order to steal banking credentials. Trickbot was first discovered in October 2016. Just like Dyre, its main functionality was initially the theft of online banking data. However, over time, its […]

Continue Reading

Trickbot spreads malware through new distribution channels

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the infamous TrickBot (ITG23 and Wizard Spider) malware have resurfaced with new distribution channels to deliver malicious payloads, such as Conti ransomware. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and […]

Continue Reading

SmokeLoader, FormBook, Trickbot et Snake : malwares les + actifs en France en juillet 2021

Check Point Research (CPR), la branche de renseignement sur les menaces de Check Point® Software Technologies Ltd. (NASDAQ: CHKP), l’un des principaux fournisseurs de solutions de cybersécurité dans le monde, publie son classement des menace pour le mois de juillet 2021. Les chercheurs indiquent que si Trickbot reste le logiciel malveillant le plus répandu, l’enregistreur […]

Continue Reading

TrickBot Employs Bogus 1Password Installer to Launch Cobalt Strike

  The Institute AV-TEST records around 450,000 new critical programmings (malware) every day with several potentially unwanted applications (PUA). These are thoroughly examined by their team under characteristic parameters and classified accordingly.  Malware is a networking-generated file or code that infects, scans, exploits, or practically performs any activity that an attacker desires.  One such prevalent […]

Continue Reading

Trickbot improve its VNC module in recent attacks

Trickbot botnet is back, its authors implemented updates for the VNC module used for remote control of infected systems. The Trickbot botnet continues to evolve despite the operations conducted by law enforcement aimed at dismantling it. The authors recently implemented an update for the VNC module used for remote control over infected systems. In October, Microsoft’s […]

Continue Reading