Trickbot was discovered in 2016, when its main functionality was online banking data theft. Over its five years of activity, the Trickbot banking Trojan has changed as attackers came up with a more advanced toolset. Kaspersky researchers have traced Trickbot’s evolution by analyzing its 61 existing modules and defined how Trickbot has been updated.

Trickbot is a descendant of the Dyre banking Trojan, which originated as a Trojan stealing banking data and account credentials. Today Trickbot has evolved into multi-modular malware whose activity ranges from data theft to the distribution of other malware (such as Ryuk ransomware).

Overall, Kaspersky researchers have analyzed 61 modules of Trickbot and discovered that the Trojan has acquired dozens of auxiliary modules that steal credentials and sensitive information. The malware spreads over local networks using stolen credentials and vulnerabilities, provides remote access, proxies network traffic, performs brute-force attacks and downloads other malware.

Trickbot targets companies and individual users around the world. According to Kaspersky, Trickbot’s activity is not geographically limited and most of the affected users were located in the USA (13.21%), Australia (10.25%) and China (9.77%), followed by Mexico (6.61%) and France (6.30%).

“Cybercriminals always update and refresh their toolsets. Right now, Trickbot has developed and become one of the most powerful and dangerous samples of its malware type. As cybercriminals evolve, so should protection techniques. Most of the attacks can be prevented, that is why it is important to have an up-to-date security solution,” comments Oleg Kupreev, security expert at Kaspersky.

Kaspersky security solutions successfully detect and block all known versions of the Trickbot banking Trojan.

Learn more about Trickbot on Securelist.

To stay safe from financial threats like Trickbot, Kaspersky experts recommend that you:

  • Do not follow links in spam messages or open documents attached to them.
  • Use online banking with multifactor authentication solutions.
  • Make sure all of your software is updated – including your operating system and all software applications (attackers exploit loopholes in widely used programs to gain entry).
  • Use a trusted security solution that can help you check the security of the URL you’re visiting and open any site in a protected container to prevent theft of sensitive data (like financial information).

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

© Press Release 2021