Casa » Noticias » Troyano bancario TrickBot aprendió a spam y ya ha recogido 250 millón de direcciones de correo electrónico

Troyano bancario TrickBot aprendió a spam y ya ha recogido 250 millón de direcciones de correo electrónico

Malicious program TrickBot, designed to steal credentials and contacts of victims, received an additional module “TrickBooster”.

This module allows sending malicious emails on behalf of an infected user.

“TrickBooster gives TrickBot a highly-effective way to spread infection. By sending emails from trusted addresses within an organization TrickBot increases the odds that a would-be victim will open one of its trojanized attachments”, - writes Forbes IS reviewer Lee Mathews.

Al mismo tiempo, TrickBot acts very carefullyafter sending letters, the malware removes them from thesent” carpeta. By doing this, he manages to avoid detection.

Los investigadores de la El instinto de profundidad, who discovered servers associated with TrickBot spam campaigns, claim that to date, malware operators have managed to collect more than 250 millón email addresses.

Among them is considerable amount of Gmail, yahoo y Hotmail mailboxes, but there are also several emails owned by governmental agencies.

“U.S.-based accounts caught up in TrickBot’s web include staff from the Department of Justice, Department of State, Homeland Security, the Postal Service, as well as the FAA, ATF, IRS and NASA. Email accounts belonging to numerous Canadian and British agencies were also found in the database”, — reported Deep Instinct specialists.

If the user’s computer is already infected with TrickBot, the malware can download the TrickBooster component separately. Después de esto, malware will send a list of victim’s contacts to attackers.

Referencia:

En su centro, TrickBot is a banking Trojan. The malware is typically distributed via spearphishing emailslike bogus resumes sent to human resources or invoices sent to accounts staff. Those are typically attached in the form of weaponized Microsoft Word or Excel files.

LEER  Nueva Dragonblood vulnerabilidades afectan WPA3 y revelar contraseñas Wi-Fi
[Total:0    Promedio:0/5]

Acerca de Trojan Killer

Trojan Killer llevar portátil en su dispositivo de memoria. Asegúrese de que usted es capaz de ayudar a su PC resistir cualquier amenaza cibernética donde quiera que vaya.

también puedes ver

Guiones para clickjacking detectados en sitios con una audiencia de 43 millones de usuarios

Guiones para clickjacking detectados en sitios con una audiencia total de 43 millones de usuarios por día

Por primera vez clickjacking atraído la atención de los expertos en seguridad de la información de más de diez …

Una vulnerabilidad en Trend Micro

Una vulnerabilidad en Trend Micro Password Manager pone en peligro a los usuarios de Windows

los investigadores encontraron SafeBreach una vulnerabilidad en el Administrador de contraseñas de Trend Micro. El uso de este problema de seguridad, …

Deja una respuesta