Categories: NewsSecurity

Trickbot Banking Trojan Now Targets Both International and U.S. Banks

Malware often targets specific banks. Trickbot has proven to be a rather strange banking Trojan, as it mainly affects users belonging to a specific bank or financial institution in a particular region. The latest update for this infamous banking Trojan allows developers to target U.S. banks and their customers. The malware has received some upgrades under the hood as well.

Trickbot Goes After US Banks to Hit the Jackpot

Most malware developers aim to make a lot of victims in the United States. This is especially true for banking Trojans and other tools capable of stealing financial information. The U.S. is still considered to be the heart of global finance, and its banks process an inordinate number of transactions every single day. If a criminal were able to infiltrate that system and use it to his advantage, he would hit the proverbial jackpot.

That is exactly what the updated version of Trickbot attempts to achieve. Although this banking Trojan has been around for quite some time now, it never affected U.S. banks in the past. Most of its damage has been done through man-in-the-middle attacks outside of the United States. Going after the proverbial jackpot also comes with a whole new set of risks., begging the question as to why the developers decided to up the ante so suddenly.

New spam campaigns facilitated by the Necurs botnet have been identified over the past few months. All of these campaigns have tried to spread Trickbot malware to U.S. banks. It appears this updated version of the malware includes a customized redirection attack, among other new tricks. This new redirection attack is used to obtain login credentials, personal information, and even financial authentication codes. A lot of damage could be done if this information were to fall into the wrong hands.

Related Post

Trickbot is currently distributed in the form of a Zip-archived email attachment that contains a Windows Script file that downloads and executes the malware in question. It is possible that other methods of distribution will become more prevalent over the coming weeks. It appears Trickbot is only targeting Windows machines right now, although it is still a bit too early in the game to tell for sure. This is only the beginning of a large-scale attack against U.S. banks and their customers.

It is important to note that this new version of Trickbot still targets non-U.S. banks as well, as that situation has not changed by any means. Every targeted region has its own customized redirection attack leveraging HTML or JavaScript injections. Visitors are redirected to malicious versions of the actual banking site where the malware successfully captures their login credentials and other sensitive details. Once the information is entered, users are apparently logged in and redirected to the legitimate page.

It is unclear how many people have been affected by this new version of Trickbot. This malware strain has the potential to cause a lot of havoc over the coming months and years, mainly due to its broad range of geographic targets. Users cannot tell the difference between the redirect website and the real version, making it incredibly difficult to spot the malware once it has infected a computer. This is a very troublesome situation, to say the least.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

1 hour ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

2 hours ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

2 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

3 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

6 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

7 hours ago