Categories: NewsSecurity

Trickbot Banking Trojan Now Targets Both International and U.S. Banks

Malware often targets specific banks. Trickbot has proven to be a rather strange banking Trojan, as it mainly affects users belonging to a specific bank or financial institution in a particular region. The latest update for this infamous banking Trojan allows developers to target U.S. banks and their customers. The malware has received some upgrades under the hood as well.

Trickbot Goes After US Banks to Hit the Jackpot

Most malware developers aim to make a lot of victims in the United States. This is especially true for banking Trojans and other tools capable of stealing financial information. The U.S. is still considered to be the heart of global finance, and its banks process an inordinate number of transactions every single day. If a criminal were able to infiltrate that system and use it to his advantage, he would hit the proverbial jackpot.

That is exactly what the updated version of Trickbot attempts to achieve. Although this banking Trojan has been around for quite some time now, it never affected U.S. banks in the past. Most of its damage has been done through man-in-the-middle attacks outside of the United States. Going after the proverbial jackpot also comes with a whole new set of risks., begging the question as to why the developers decided to up the ante so suddenly.

New spam campaigns facilitated by the Necurs botnet have been identified over the past few months. All of these campaigns have tried to spread Trickbot malware to U.S. banks. It appears this updated version of the malware includes a customized redirection attack, among other new tricks. This new redirection attack is used to obtain login credentials, personal information, and even financial authentication codes. A lot of damage could be done if this information were to fall into the wrong hands.

Related Post

Trickbot is currently distributed in the form of a Zip-archived email attachment that contains a Windows Script file that downloads and executes the malware in question. It is possible that other methods of distribution will become more prevalent over the coming weeks. It appears Trickbot is only targeting Windows machines right now, although it is still a bit too early in the game to tell for sure. This is only the beginning of a large-scale attack against U.S. banks and their customers.

It is important to note that this new version of Trickbot still targets non-U.S. banks as well, as that situation has not changed by any means. Every targeted region has its own customized redirection attack leveraging HTML or JavaScript injections. Visitors are redirected to malicious versions of the actual banking site where the malware successfully captures their login credentials and other sensitive details. Once the information is entered, users are apparently logged in and redirected to the legitimate page.

It is unclear how many people have been affected by this new version of Trickbot. This malware strain has the potential to cause a lot of havoc over the coming months and years, mainly due to its broad range of geographic targets. Users cannot tell the difference between the redirect website and the real version, making it incredibly difficult to spot the malware once it has infected a computer. This is a very troublesome situation, to say the least.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

WIF Set to Overtake BONK? Lunex Soars with 100x Potential in Altcoin Season

As altcoin season heats up, all eyes are on the rising stars—especially Lunex, which is…

4 hours ago

Binance Coin Price Dips: BNB Holders Rush To Lunex Presale To Hedge Their Long Positions

While the broader market witnessed a notable upward movement, Binance Coin (BNB) experienced a decline…

4 hours ago

Crypto Stalwarts Forecasted 800% Growth in Innovative Projects: VeChain, Rollblock and Polkadot!

This blazing crypto bull run has investors looking for the next top altcoins set to…

4 hours ago

Dogecoin Price Set To Recreate 36,000% Rally From 2021 After Pennant Formation

The Dogecoin price is back in the limelight, captivating the crypto world with its recent…

4 hours ago

Is XRP About to Explode? How Trump’s Victory Is Affecting XRP Price Amidst JetBolt Growth

Ripple’s XRP showed a 68% price increase in the last 7 days following Trump's victory,…

5 hours ago

Ethereum Down While Bitcoin, Solana, and JetBolt Skyrocket In End November 2024

Ethereum stumbles as Bitcoin surges past $97K, Solana eyes new highs, and JetBolt’s presale shakes…

7 hours ago