Casa » Notícia » Banking Trojan TrickBot aprendeu a spam e já recolheu 250 milhão de endereços de e-mail

Banking Trojan TrickBot aprendeu a spam e já recolheu 250 milhão de endereços de e-mail

TrickBot programa malicioso, projetados para furtar dados e contatos de vítimas, recebeu um módulo adicional “TrickBooster”.

This module allows sending malicious emails on behalf of an infected user.

“TrickBooster dá TrickBot uma forma altamente eficaz para espalhar a infecção. By sending emails from trusted addresses within an organization TrickBot increases the odds that a would-be victim will open one of its trojanized attachments”, - escreve Forbes IS reviewer Lee Mathews.

Ao mesmo tempo, TrickBot acts very carefullyafter sending letters, the malware removes them from the “enviei” pasta. By doing this, he manages to avoid detection.

pesquisadores da O instinto profundo, who discovered servers associated with TrickBot spam campaigns, claim that to date, malware operators have managed to collect more than 250 milhão email addresses.

Among them is considerable amount of Gmail, Yahoo e Hotmail mailboxes, but there are also several emails owned by governmental agencies.

“U.S.-based accounts caught up in TrickBot’s web include staff from the Department of Justice, Department of State, Homeland Security, the Postal Service, as well as the FAA, ATF, IRS and NASA. Email accounts belonging to numerous Canadian and British agencies were also found in the database”, — reported Deep Instinct specialists.

If the user’s computer is already infected with TrickBot, the malware can download the TrickBooster component separately. Depois disso, malware will send a list of victim’s contacts to attackers.

Referência:

Em seu núcleo, TrickBot is a banking Trojan. The malware is typically distributed via spearphishing emailslike bogus resumes sent to human resources or invoices sent to accounts staff. Those are typically attached in the form of weaponized Microsoft Word or Excel files.

Sobre Trojan Killer

Carry Trojan Killer portátil em seu memory stick. Certifique-se que você é capaz de ajudar o seu PC resistir a quaisquer ameaças cibernéticas onde quer que vá.

Além disso, verifique

MageCart na Cloud Platform Heroku

Os investigadores encontraram vários MageCart Web Skimmers Em Heroku Cloud Platform

Researchers at Malwarebytes reported about finding several MageCart web skimmers on the Heroku cloud platform

Android Spyware CallerSpy

máscaras spyware CallerSpy como uma aplicação de chat Android

Trend Micro especialistas descobriram a CallerSpy malwares, que mascara como uma aplicação de chat Android, …

Deixar uma resposta