Skip to main content

TrickBot malware mistakenly alerts victims to malicious activity

posted onJuly 13, 2020
by l33tdawg
Flickr
Credit: Flickr

Developers of the infamous TrickBot banking trojan have accidentally coded in a feature that alerts infected users to its presence on their device.

Traditionally, TrickBot malware is distributed via phishing campaigns and operates stealthily on an infected machine, scraping credentials, stealing from cryptocurrency wallets and opening the door to secondary attacks.

It was also recently found to contain a mechanism that checks the victim’s screen resolution to determine whether it is running in a virtual machine, allowing operators to hinder the attempts of researchers to analyze the malware. However, according to security researcher Vitali Kremez of Advanced Intel, the TrickBot creators are accidentally circulating a version that serves a warning message to users whose credentials have been stolen, thereby alerting them to the infection.

Source

Tags

Industry News

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th