TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

The cybercriminals behind the infamous TrickBot trojan have signed two additional distribution affiliates, dubbed Hive0106 (aka TA551) and Hive0107 by IBM X-Force. The result? Escalating ransomware hits on corporations, especially using the Conti ransomware. The development also speaks to the Read More …

TrickBot Spruces Up Its Banking Trojan Module

The TrickBot trojan is adding man-in-the-browser (MitB) capabilities for stealing online banking credentials that resemble Zeus, the early banking trojan, researchers said — potentially signaling a coming onslaught of fraud attacks. TrickBot is a sophisticated (and common) modular threat known Read More …

Trickbot cybercrime group linked to new Diavol ransomware

FortiGuard Labs security researchers have linked a new ransomware strain dubbed Diavol to Wizard Spider, the cybercrime group behind the Trickbot botnet. Diavol and Conti ransomware payloads were deployed on different systems in a ransomware attack blocked by the company’s Read More …

Supermicro, Pulse Secure release fixes for ‘TrickBoot’ attacks

Supermicro and Pulse Secure have released advisories warning that some of their motherboards are vulnerable to the TrickBot malware’s UEFI firmware-infecting module, known as TrickBoot. Last year, cybersecurity firms Advanced Intelligence and Eclypsium released a joint report about a new Read More …

Trickbot malware now maps victims’ networks using Masscan

The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim’s computer. This new module, dubbed masrv, uses the open-source masscan tool, a mass port scanner with its own TCP/IP stack Read More …