TrickBot – Page 11 – WindowsTechs.com

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

Posted on March 24, 2020 by Pavel Asinovsky

Our team is closely monitoring TrickBot’s developing capabilities, including its new cross-channel attacks using the TrickMo component.

The post TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany appeared first on Security Intelligence.

Continue reading TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany→

TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal

Posted on March 18, 2020 by Tara Seals

A fresh module aims to compromise remote desktop accounts to access corporate resources. Continue reading TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal→

New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong

Posted on March 18, 2020 by Liviu Arsene

Bitdefender researchers have discovered a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations on select targets. The new module was discovered on January 30 and, based on the IP addresses it targets, victims seem to be US and Hong Ko… Continue reading New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong→

New TrickBot Variant Updates Anti-Analysis Tricks

Posted on March 11, 2020 by Lindsey O'Donnell

A new TrickBot variant shows that the malware is continuing to swap out new anti-analysis and persistence tactics. Continue reading New TrickBot Variant Updates Anti-Analysis Tricks→

Necurs Botnet in Crosshairs of Global Takedown Offensive

Posted on March 11, 2020 by Elizabeth Montalbano

The tech giant will take control of the U.S.-based infrastructure used by the criminals behind the world’s most prolific botnet used to distribute malware and infect victim computers. Continue reading Necurs Botnet in Crosshairs of Global Takedown Offensive→

What sites is Trickbot targeting?

Posted on March 5, 2020 by Gary Warner, UAB

Its been a while since we decoded Trickbot configs to see what banks and organizations were being actively targeted. While recently most of the news about Trickbot has been how it drops the Ryuk Ransomware, and that is certainly important, we can… Continue reading What sites is Trickbot targeting?→

Coronavirus warning spreads computer virus

Posted on March 5, 2020 by Paul Ducklin

There’s an attachment that you are “strongly recommended to read” on account of coronavirus infections in your area. Don’t open it! Continue reading Coronavirus warning spreads computer virus→

TrickBot Adds ActiveX Control, Hides Dropper in Images

Posted on March 2, 2020 by Tara Seals

The tricky trojan has evolved again, to stay a step ahead of defenders. Continue reading TrickBot Adds ActiveX Control, Hides Dropper in Images→

SMS Attack Spreads Emotet, Steals Bank Credentials

Posted on February 19, 2020 by Lindsey O'Donnell

A new Emotet campaign is spread via SMS messages pretending to be from banks and may have ties to the TrickBot trojan. Continue reading SMS Attack Spreads Emotet, Steals Bank Credentials→

Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection

Posted on February 19, 2020 by Limor Kessem

Before a short lull in mid-February, Emotet was in the midst of a rise in activity that has been apparent since late 2019 — in terms of both spam and infecting potential victims via SMiShing attacks.

The post Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection appeared first on Security Intelligence.

Continue reading Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection→