Skip to main content

The Federal Bureau of Investigation (FBI) officially linked the Diavol ransomware operation to the infamous TrickBot gang.

posted onJanuary 20, 2022
by l33tdawg
Security Affairs
Credit: Security Affairs

TrickBot is a popular banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features. Operators continue to offer the botnet through a multi-purpose malware-as-a-service (MaaS) model. Threat actors leverage the botnet to distribute a broad range of malware including info-stealer and ransomware such as Conti and Ryuk. To date, the Trickbot botnet has already infected more than a million computers.

The TrickBot Gang is also behind the development of the BazarBackdoor and Anchor backdoors.

In July, researchers from Fortinet first spotted the new ransomware family, tracked as Diavol, and speculated it might have been developed by Wizard Spider, the cybercrime gang behind the TrickBot botnet. Fortinet experts noticed similarities between Diavol and Conti threats, but unlike Conti, Diavol doesn’t avoid infecting Russian victims.

Source

Tags

Industry News

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th