TrickBot developers have spun up a new backdoor for high-value targets

The people behind banking trojan TrickBot have expanded the malware’s capability with a new backdoor meant to compromise high-value targets, according to new research from SentinelOne. The update should cause alarm for the financial sector, since it can enable cybercriminals to infect systems undetected with malicious software, and then surreptitiously escalate their attack to pilfer off confidential banking information, or launch ransomware attacks, according to SentinelLabs, SentinelOne’s new threat intelligence division. The new backdoor, which SentinelLabs calls “PowerTrick,” is likely launched through Windows management system PowerShell, which seems to indicates that the new fuction has been developed to reach intended victims while avoiding detection. “‘PowerTrick’ is a flexible new tool that allows attackers to augment their access on the fly while still staying undetected, bypassing restrictions and security controls,” Vitali Kremez, who leads research at SentinelLabs, said in a blog post. These findings are the latest addition to a growing body of research that details how scammers […]

The post TrickBot developers have spun up a new backdoor for high-value targets appeared first on CyberScoop.

Continue reading TrickBot developers have spun up a new backdoor for high-value targets