Cybercrime, fake email from the US IRS on Covid-19 conveys Trickbot
The xlsb attachment contacts a single url and downloads the dll, which starts the malware infection.
Cybercrime, multi-malware campaign conveyed via false debt
The email texts and the xlsb attachment change slightly. This contacts a url and has so far downloaded remcosrat in one case and Trickbot in the other.
Cryptolaemus has new enemies: Dridex, Qakbot and Trickbot
The “mealybug destroyers”, the members of the cybersecurity group that for passion contributed to defeat Emotet, talk about the new and old threats.
Cybercrime, fake Pfizer invoice carries a global Trickbot campaign
The xlsb mail attachment contacts a url and downloads the malware from an opendir, which also contains Ursnif/Gozi and is constantly updated.
The Netherlands Police chases cybercrime actors on hacker forums
“We aim at botnets and related malware like Ryuk, Trickbot and many more. Everyone makes mistakes, we are waiting for yours”.
Cybercrime, TrickBot has been upgraded with the “masrv” module
Kryptos Logic cybersecurity experts: It’s a network scanner that incorporates the Masscan open-source tool in the malware.
Cybercrime, TrickBot now uses an obfuscated batch script launcher
Bleeping Computer cybersecurity experts: The malware increased its advanced evasive capabilities.
Cybercrime, the Black Lives Matter exploited to spread Trickbot
CSIRT-Italy cyber security experts: The malware is conveyed with an malspam campaign and malicious attachments. Targets: USA, Canada, France, Germany, Italy and South East Asia.
Cybercrime spread BazarBackdoor trojan via Sendgrid
The cyber security experts: The malware is sent through a phishing campaign by TrickBot authors with different lures. Moreover, after a period of time, it installs Cobalt Strike on infected computer.
Cybercrime, has “FIN6” partnered with the “TrickBot” operators?
Digital Shadows cyber security experts: In a recently cyber-threat campaign, the financially motivated APT allegedly used “Anchor”, a framework associated with the malware.