Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Advertisement

×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

You have declined cookies. This decision can be reversed.

Trickbot malware hits more than 40 countries – and your bank account is at risk

Written by  Oct 11, 2017

The number of infections in Latin America remains small, but IBM researchers believe that such a strategy is run-of-the-mill for the cybercrime gang responsible, which is known to "test the waters" before adding local banks to its list of official targets.

Trickbot first came to light in October 2016 after it hit financial institutions across Asia and Australia, later evolving to target the UK, Germany and Canada.

It launches "redirection" cyberattacks via spam emails in order to send victims to a booby-trapped websites posing as the legitimate banking services.

Targeted individuals – if duped – enter their usernames and passwords into the fake websites which, in reality, send their credentials straight to the criminals.

In its research, IBM said Trickbot has spread quickly to dozens of countries and language zones.

At current count, experts found that it is targeting banks in more than 40 countries spanning Asia, Europe, North America, South America, Australia and New Zealand.

"The TrickBot Trojan is an evolving malware project that appears to have funding and alliances in the cybercrime arena," Kessem wrote in a blog post.

"Its targets are mostly business banking, wealth management and private banking services, which means that the malware's operators are after corporate money and hefty illicit profits. This gang is [...] organised, international and unlikely to disappear anytime soon."

Previously, a version of the Trojan was spotted with worm-like capabilities by Flashpoint, a cybersecurity firm. It was designed to spread in the same fashion as "WannaCry" and "NotPetya", two ransomware strains which both caused global chaos earlier this year.

That hasn't happened yet, but that doesn't mean the Trojan is not a threat, IBM said.

In September this year, the company said a botnet called "Necurs" - which spread the malware globally - helped to spew out more than 40 million emails containing Trickbot.

The research also suggested that the cybercriminals behind the attacks have been "experimenting with other ideas," These include serving up the Trojan directly from fake banking websites and using new types of malicious code to illicitly mine cryptocurrency from victims' machines.

The identities of those behind the scheme remain a mystery.

A timeline of Trickbot’s global spreadIBM X-Force “Harvey Weinstein is just a man being a man

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Advertisement

  1. Popular
  2. Trending
  3. Comments

Advertisement

Calendar

« December 2017 »
Mon Tue Wed Thu Fri Sat Sun
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

Apple Mac Tips

apple mac tips