March 22—According to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), one of the most powerful tools available to cyber criminals is being weaponized to spread sophisticated malware.
Trickbot is not just a banking trojan. It offers cyber criminals a lucrative means of engaging in a variety of attack types. Right now, cyber criminals with machines infected by Trickbot are leasing the hardware to other criminals.
Trickbot infected machines can deliver malware via phishing threats. Wondering what the latest phishing threats look like?
Phishing, traffic violations and malware
Cyber criminals have tested out new phishing methods via Trickbot. The latest one involves the impersonation of authorities. When an individual receives one of these phishing emails, he or she sees a subject line that suggests proof of a recent traffic violation.
Late last year, an organized group of international agencies aimed to disrupt Trickbot-related operations. The sting initially appeared successful. However, Trickbot returned shortly thereafter.
What to do right now
The Trickbot malware threats enable cyber criminals to steal valuable data, and to potentially move laterally across networks. Other attack sequences are also possible.
Trickbot represents a clear and present danger for organizations of every variety. The FBI and CISA recommend trying to prevent associated malware infections. Administrators should review the following Trickbot Malware information and CISA’s Trickbot mitigation fact sheet.
For more information about this joint FBI and CISA alert, click here.