Categories: NewsSecurity

Trickbot Banking Trojan Now Targets Both International and U.S. Banks

Malware often targets specific banks. Trickbot has proven to be a rather strange banking Trojan, as it mainly affects users belonging to a specific bank or financial institution in a particular region. The latest update for this infamous banking Trojan allows developers to target U.S. banks and their customers. The malware has received some upgrades under the hood as well.

Trickbot Goes After US Banks to Hit the Jackpot

Most malware developers aim to make a lot of victims in the United States. This is especially true for banking Trojans and other tools capable of stealing financial information. The U.S. is still considered to be the heart of global finance, and its banks process an inordinate number of transactions every single day. If a criminal were able to infiltrate that system and use it to his advantage, he would hit the proverbial jackpot.

That is exactly what the updated version of Trickbot attempts to achieve. Although this banking Trojan has been around for quite some time now, it never affected U.S. banks in the past. Most of its damage has been done through man-in-the-middle attacks outside of the United States. Going after the proverbial jackpot also comes with a whole new set of risks., begging the question as to why the developers decided to up the ante so suddenly.

New spam campaigns facilitated by the Necurs botnet have been identified over the past few months. All of these campaigns have tried to spread Trickbot malware to U.S. banks. It appears this updated version of the malware includes a customized redirection attack, among other new tricks. This new redirection attack is used to obtain login credentials, personal information, and even financial authentication codes. A lot of damage could be done if this information were to fall into the wrong hands.

Related Post

Trickbot is currently distributed in the form of a Zip-archived email attachment that contains a Windows Script file that downloads and executes the malware in question. It is possible that other methods of distribution will become more prevalent over the coming weeks. It appears Trickbot is only targeting Windows machines right now, although it is still a bit too early in the game to tell for sure. This is only the beginning of a large-scale attack against U.S. banks and their customers.

It is important to note that this new version of Trickbot still targets non-U.S. banks as well, as that situation has not changed by any means. Every targeted region has its own customized redirection attack leveraging HTML or JavaScript injections. Visitors are redirected to malicious versions of the actual banking site where the malware successfully captures their login credentials and other sensitive details. Once the information is entered, users are apparently logged in and redirected to the legitimate page.

It is unclear how many people have been affected by this new version of Trickbot. This malware strain has the potential to cause a lot of havoc over the coming months and years, mainly due to its broad range of geographic targets. Users cannot tell the difference between the redirect website and the real version, making it incredibly difficult to spot the malware once it has infected a computer. This is a very troublesome situation, to say the least.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Retail Traders Panic Sell During ‘Fake Dip’; Whales Hold Tight to SOL, DTX, and SHIB for a Millionaire-Maker Bull Run

Solana (SOL): A Strong Ecosystem Despite Volatility Solana (SOL) has been all over the place…

22 mins ago

Llama 3.2 Predicts Price For Dogecoin: $2 Peak By 2025 And $5 Rally For DTX Exchange This Winter

Cryptocurrency trends are keen on the forecast that was recently released by Llama 3.2 model…

1 hour ago

Crypto Whale Sparks 8x Surge In $OPK Price with Massive Buy-in

A mysterious crypto whale, who previously invested 9,600 SOL into tokens $Pnut and $FRED, has…

3 hours ago

Early ENS Investor Transfers $2.47M To Binance Amid Upcoming Token Unlocks

An early investor linked to the $ENS token recently transferred 154,000 ENS tokens, valued at…

3 hours ago

Wintermute’s Memecoin Strategy: BABYDOGE Ranks Among Top 3 Holdings

In a surprising turn, $BABYDOGE has climbed to the top three in Wintermute’s memecoin holdings…

3 hours ago

$Pnut’s Meteoric Rise: How A Tragic Squirrel Inspired A Memecoin Sensation

The $Pnut memecoin recently soared past a $120 million market cap, creating unexpected wealth for…

3 hours ago