Trickbot, the bane of many cybersecurity professionals lives’, has begun to target the customers of 60 major institutions including Wells Fargo and Bank of America.
The attacks come through web injections and phishing campaigns.
Initially, Trickbot was a relatively simple Banking Trojan similar to Zeus, Agent Tesla, Dridex and DanaBot. Following the retirement of the Dyre botnet in 2016 and the infrastructure supporting the Emotet botnet being disrupted by Europol and the FBI last year, more focus has fallen on Trickbot activities.
Trickbot is a modular malware, meaning that users can adopt the software to conduct a wide range of attacks. Assaults can be tailored specifically for individual victims.
Check Point Research (CPR) published a a new study on Trickbot yesterday, noting that the malware is being used in targeted attacks against customers of 60 major institutions, primarily in located in the United States.
The companies themselves are not the victims of the malware. Instead, TrickBot operators are leveraging the brands’ reputations and names in numerous attacks.