TrickBot is back with a new attack that has compromised 250 million email addresses

SHARE:

The TrickBot malware has returned with a new attack that may have compromised around 250 million email addresses. Earlier this year TrickBot...

The TrickBot malware has returned with a new attack that may have compromised around 250 million email addresses. Earlier this year TrickBot worked side-by-side the Ryuk ransomware to siphon millions of dollars for hackers, and now it is back again in less than a year. According to a report by Deep Instinct, a cybersecurity company, a new variant of TrickBot was revealed that joins forces with a malicious, email-based infection and distribution module named TrickBooster. The malware now has new capabilities such as stealing cookies.

The method for the attack hasn’t undergone too much change from previous methods, at least at the beginning of the attack. TrickBot infiltrates a victim’s computer and then the malware makes the machine download TrickBooster. This, in turn, reports back to a dedicated command and control server with a list of email addresses and log-in details which are gathered from the victim’s Inbox, Outbox and Address Book. After this, the TrickBooster server orders the infected machine to send malicious infection and spam emails. All these emails are then deleted from the Outbox and Trash so that the victim doesn’t realise the threat.

Deep Instinct investigated TrickBooster and its network infrastructure to find a database comprising of 250 million email addresses that were gathered by TrickBot operators. These email accounts were also, in all likeliness, targeted with the malicious emails. An email dump was recovered and this included about 26 million email accounts on Gmail, 19 million on Yahoo, 11 million on Hotmail, 7 million on AOL, 3.5 million on MSN, and 2 million on Yahoo U.K. Further investigation revealed that the compromised accounts involved several government departments and agencies in the US which included the Department of Justice, the Department of Homeland Security, the Department of State, the Social Security Administration, the Internal Revenue Service and more. There were also some government organisations and universities affected in the UK and Canada.

According to Deep Instinct, the discovery of TrickBot “highlights the success and sophistication of TrickBot”. The model of attack was described as “a powerful addition to TrickBot’s vast arsenal” of attacking methods. According to reports, the cybersecurity company stated that they are continuing their research and analysis in TrickBooster, and they will also be reporting details of the new TrickBot attack to the authorities.



from Latest Technology News https://ift.tt/2XHg1ll

COMMENTS

Name

7,1,Airtel,1,Andriod,1,Android,4,Android Q,1,apex,1,Apple,7,Apps,1,Asus Rog,1,Black Shark 2,2,Boeing 737 MAX,1,Bsnl,2,camera,2,CPU,3,Donald Trump,1,Earphone,1,Facebook,5,Fan,1,Fitbit,1,foldable Phone,2,Fortnite,1,Galaxy A40,1,Galaxy s10,1,Galaxy s10e,1,Games,10,gaming,1,Google,6,Google Pixel 2,1,Honor 10i,1,Huawe,1,Huawei,6,Huawei GT,1,IBM,1,Instagram,2,Internet,2,ios,2,iPad,2,iphone,2,Israel,1,jiomart,1,Laptop,1,Leica Q2,1,M20,1,mac,1,MacOS,1,Mi 9,1,Mi A2,1,Mi LED TV,1,MicroSoft,3,mobile,1,Moon,2,Mozilla,1,Nasa,2,News,1,Nokia,4,Nokia 62,1,Nvidias,1,OnePlus,4,Oppo,5,P30,3,Pixel,1,Poco F1,1,Pubg,12,Qualcomm,2,Redmi 3,1,Redmi 6 Pro,1,Redmi 7,1,Redmi Note 7,1,reliance,1,Reno,1,samsung,11,Skype,1,SmartPhone,56,Social,5,Spotify,1,Tech,35,Telecom,3,Touchpad,1,Tournament,1,TV,1,Twitter,1,Vivo,2,Watch,2,WhatsApp,1,Xbox,1,Xiaomi,16,y9li,1,
ltr
item
Genius Baba: TrickBot is back with a new attack that has compromised 250 million email addresses
TrickBot is back with a new attack that has compromised 250 million email addresses
https://i.ytimg.com/vi/F2h5gQ9pNFo/hqdefault.jpg
https://i.ytimg.com/vi/F2h5gQ9pNFo/default.jpg
Genius Baba
https://geniusbabaa.blogspot.com/2019/07/trickbot-is-back-with-new-attack-that.html
https://geniusbabaa.blogspot.com/
https://geniusbabaa.blogspot.com/
https://geniusbabaa.blogspot.com/2019/07/trickbot-is-back-with-new-attack-that.html
true
7104319406113350277
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy