Banking Trojans are a significant economic threat. Not only can they target individual users, but they can also cause extensive damage to entire corporate networks. TrickBot, a new banking Trojan, is becoming a bigger threat every week. Thanks to its new browser manipulation techniques, it becomes even harder to detect the anomaly by the end user.
TrickBot Is A Force To Be Reckoned With
Kaspersky Labs issued a new warning about the TrickBot banking Trojan, which is currently making the rounds on a global scale. It is expected that this malware will become more prominent in the coming months. Distribution of this payload occurs through infection campaigns, fraud attacks, and the deliberate targeting of business and corporate users.
Even though security experts are all too aware of TrickBot, it was not considered a big threat until a few days ago. The developers of this malware have added several improvements to their Trojan, including multiple advanced browser manipulation techniques. This latter course of action is very common among banking Trojan developers, although TrickBot is raising the bar by the look of things.
During the early distribution phase of TrickBot, developers relied on server-side injections and redirection attacks. Customized redirection attacks, however, are now being executed against banks in the UK. By manipulating what potential victims see in their web browser, attackers can create the illusion that everything is OK for the end user.
It looks like the team behind TrickBot–who remain unidentified as of this writing–are targeting specific enterprises and financial institutions. A lot of spam emails are sent to companies, and every message contains the malware payload in some form. Attack methods range from infected Office macros to malicious email attachments, and malvertising.
So far, it appears that TrickBot shares a lot of similarities with Dyre, another famous banking Trojan. Despite the Dyre developers being locked up behind bars, the source code has fallen into the hands of this new collective. It is not unlikely that the group is working together with other criminals to execute these meticulous attacks.
The evolution of malware and Trojans has been worrisome, to say the least. Criminals remain one or more steps ahead of security researchers at any given time. By the time one threat is neutralized, another dozen has sprung up already. Computer users need to be vigilant at all times, as danger lurks in every nook and cranny these days.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.
