The TrickBot malware is back with a new attack with has compromised about 250 million email addresses.
According to Deep Instinct, TrickBot teams up with TrickBooster to harvest login in credentials and email addresses.
An investigation revealed that several government organisations in the US, UK and Canada were among the affected.
Access Open Source Technology
Innovate w/ IBM and Discover New Open Source Technology Today. Learn More.
Click here to know more
The TrickBot malware has returned with a new attack that may have compromised around 250 million email addresses. Earlier this year TrickBot worked side-by-side the Ryuk ransomware to siphon millions of dollars for hackers, and now it is back again in less than a year. According to a report by Deep Instinct, a cybersecurity company, a new variant of TrickBot was revealed that joins forces with a malicious, email-based infection and distribution module named TrickBooster. The malware now has new capabilities such as stealing cookies.
The method for the attack hasn’t undergone too much change from previous methods, at least at the beginning of the attack. TrickBot infiltrates a victim’s computer and then the malware makes the machine download TrickBooster. This, in turn, reports back to a dedicated command and control server with a list of email addresses and log-in details which are gathered from the victim’s Inbox, Outbox and Address Book. After this, the TrickBooster server orders the infected machine to send malicious infection and spam emails. All these emails are then deleted from the Outbox and Trash so that the victim doesn’t realise the threat.
Deep Instinct investigated TrickBooster and its network infrastructure to find a database comprising of 250 million email addresses that were gathered by TrickBot operators. These email accounts were also, in all likeliness, targeted with the malicious emails. An email dump was recovered and this included about 26 million email accounts on Gmail, 19 million on Yahoo, 11 million on Hotmail, 7 million on AOL, 3.5 million on MSN, and 2 million on Yahoo U.K. Further investigation revealed that the compromised accounts involved several government departments and agencies in the US which included the Department of Justice, the Department of Homeland Security, the Department of State, the Social Security Administration, the Internal Revenue Service and more. There were also some government organisations and universities affected in the UK and Canada.
According to Deep Instinct, the discovery of TrickBot “highlights the success and sophistication of TrickBot”. The model of attack was described as “a powerful addition to TrickBot’s vast arsenal” of attacking methods. According to reports, the cybersecurity company stated that they are continuing their research and analysis in TrickBooster, and they will also be reporting details of the new TrickBot attack to the authorities.
|Release Date:||12 Jul 2019|
Popular Mobile PhonesView All
Hot DealsView All
Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.
We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.