HackDig : Dig high-quality web security articles for hackers

Microsoft on the counterattack! Trickbot malware network takes a hit

by Paul Ducklin
Good news, for a while at least. Microsoft went to US District Court for the greater good of all of us and came away with a court order permitting it to take over a whole raft of internet servers. The company was authorised to take over a wide range of IP numbers, effectively ripping them out from under their existing users and repurposing them f
Publish At:2020-10-12 19:12 | Read:157 | Comments:0 | Tags:Malware Ransomware Microsoft ransomware Ryuk TrickBot

Report: U.S. Cyber Command Behind Trickbot Tricks

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command. On Oc
Publish At:2020-10-10 02:05 | Read:183 | Comments:0 | Tags:Ne'er-Do-Well News Ransomware alex holden Hold Security nati

Attacks Aimed at Disrupting the Trickbot Botnet

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations. A text snippet from
Publish At:2020-10-02 14:41 | Read:209 | Comments:0 | Tags:Ransomware The Coming Storm alex holden Hold Security Intel

TrickBot Malware Warning Victims of Infection by Mistake

Security researchers observed some variants of the TrickBot malware family mistakenly warning victims that they had suffered an infection. Advanced Intel’s Vitali Kremez traced the mistake to “password-stealing grabber.dll.” This module is responsible for stealing browser credentials and cookies from Google Chrome, Microsoft Edge and other w
Publish At:2020-07-13 10:30 | Read:369 | Comments:0 | Tags:IT Security and Data Protection Latest Security News malware

Trickbot Malware Using Screen Resolution Checks as Anti-VM Tactic

Security researchers spotted Trickbot malware checking the screen resolution as a means of evading analysis on a virtual machine (VM). Digital security firm MalwareLab came across a sample of the trojan that checked to see whether a computer’s screen resolution was either 800×600 or 1024×768. It then terminated if it found that the screen reso
Publish At:2020-07-02 08:07 | Read:436 | Comments:0 | Tags:IT Security and Data Protection Latest Security News evasion

Office 365 users that are returning to the workplace targeted with Coronavirus training resources

Experts are warning of a new phishing campaign aimed at Office 365 users that are returning to the workplace with Coronavirus training resources. Threat actors continue to use Coronavirus lures, adapting their technique to the current situation. The attack techniques adopted by the threat actors depend on the state of businesses in each region. In places
Publish At:2020-06-29 03:44 | Read:675 | Comments:0 | Tags:Breaking News Cyber Crime coronavirus Hacking hacking news i

Ryuk Ransomware Deployed Two Weeks After Initial Trickbot Infection

Several attack campaigns waited two weeks after achieving a successful Trickbot infection before they deployed Ryuk ransomware as their final payload. SentinelOne came across the attacks as the result of monitoring an attack server employed by Trickbot’s handlers. In the process, they discovered data for three separate attacks that occurred in the begin
Publish At:2020-06-23 11:46 | Read:442 | Comments:0 | Tags:IT Security and Data Protection Latest Security News ransomw

Crooks hijack “Black Lives Matter” to spread zombie malware

by Paul Ducklin
Community-focused cybersecurity website abuse.ch is warning of a malware spreading campaign that is using “Black Lives Matter” to draw victims in. Sneakily, the crooks have broadened the reach of their attack by keeping their emails short and objective – the crooks very deliberately haven’t taken a social or political pos
Publish At:2020-06-11 14:00 | Read:416 | Comments:0 | Tags:Malware Black Lives Matter downloader macros malware TrickBo

Trickbot Using Fake Black Lives Matter Voting Campaign for Distribution

Security researchers came across an attack email that leveraged a fake Black Lives Matter voting campaign to distribute Trickbot malware. Digital security firm Abuse.ch found that the attack email pretended to originate from a sender known as “Country administration.” Building on its subject line “Vote anonymous about Black Lives Matter,R
Publish At:2020-06-11 10:13 | Read:439 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Black L

TrickBot operators exploit COVID-19 as lures

IBM X-Force researchers spotted a new COVID-19-themed campaign spreading the infamous TrickBot trojan through fake messages. IBM X-Force researchers uncovered a new COVID-19-themed campaign that is spreading the infamous TrickBot trojan through fake messages. The spam messages pretend to be sent by the Department of Labor’s Family and Medical Leave Act
Publish At:2020-05-03 08:26 | Read:748 | Comments:0 | Tags:Breaking News Cyber Crime Malware coronavirus COVID-19 it se

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

IBM X-Force monitors billions of spam emails a year, mapping trending, malicious campaigns and their origins. Recent analysis from our spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor (DoL). The spam leverages the Family and Medical Leave Act (FMLA), w
Publish At:2020-05-03 08:13 | Read:706 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Fraud

Trickbot is the most prolific malware operation using COVID-19 themed lures

TrickBot is the malware most involved in COVID-19-themed attacks, Microsoft’s Office 365 Advanced Threat Protection (ATP) data reveals. The analysis of Microsoft Office 365 ATP data revealed that TrickBot is, at the moment, the malware operation with the highest number of unique COVID-19-themed malicious emails and attachments.
Publish At:2020-04-18 06:05 | Read:1088 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware coronavirus COVID-

ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

The past two years have borne witness to the increasing collaboration between organized cybercrime groups to avoid duplication of efforts and maximize profits. Although this collaboration has primarily occurred between gangs developing and distributing well-known banking Trojans, such as Emotet, TrickBot and IcedID, it does not stop there. In a new and dange
Publish At:2020-04-07 08:25 | Read:821 | Comments:0 | Tags:Advanced Threats Threat Intelligence Banking Trojan Collabor

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:804 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

A week in security (March 16 – 22)

Last week on Malwarebytes Labs, we concluded our series on child identity theft. We also looked into threat actors and campaigns that ride the COVID-19 train, namely the criminal group APT36 and threat actors purporting to be the World Health Organization (WHO) but instead spreading malware. Lastly, we have tips for those who are working at home to stay secu
Publish At:2020-03-23 13:16 | Read:594 | Comments:0 | Tags:A week in security APT36 awis covid-19 emotet fake news mone
