15 Jan 2020

U.N. Weathers Storm of Emotet-TrickBot Malware

Emotet malware operators have recently targeted the United Nations personnel in an attack that aimed to deliver the TrickBot trojan malware. Researchers at Confense stated that a phishing campaign fraudulently representing the Permanent Mission of Norway has taken place over the last several days. The emails were sent to 600

Read More
09 Jan 2020

TrickBot Adds Custom, Stealthy Backdoor to its Arsenal

TrickBot is evolving to avoid detection by adding a new backdoor to its arsenal. Russian cybercriminals behind the malware have developed “PowerTrick” to infiltrate high-value targets and give TrickBot new capabilities. SentinelLabs stated that PowerTrick was released on Thursday and is designed to execute commands and return results in Base64

Read More
13 Dec 2019

Targeted Attacks Deliver New “Anchor” Malware to High-Profile Companies

A campaign that started in October is being used to deliver financial malware against entities in the manufacturing and retail sectors. Researchers at the Cybereason Nocturnus group have been following the new campaign closely, determining that it commences with a phishing attack to deliver TrickBot and ultimately delivers a relatively

Read More
12 Dec 2019

Analysts find connection between North Korean military and crimeware organization TrickBot

Analysts at SentinelLabs claim to have found some of the first evidence that links the crimeware organization TrickBot and Lazarus group. Lazarus group is the cyberwarfare division of the North Korean military’s Reconnaissance General Bureau. TrickBot debuted as a banking malware in the fall of 2016 and has since evolved

Read More
12 Nov 2019

TrickBot Malware Uses Fake Sexual Harassment Complaints as Bait

Recently, attackers have formulated fake sexual harassment complaints that appear to come from the U.S. Equal Employment Opportunity Commission to disperse TrickBot malware, which targets financial data and acts to deploy other malware. This spearphishing campaign utilizes social engineering tactics to convince targets into exposing sensitive information. The customized phishing

Read More