Trickbot malware is a thorn in the side of cybersecurity professionals and is now targeting the customers of 60 major institutions in phishing attacks and through web injections.
Trickbot began its journey as a relatively simple Banking Trojan alongside the likes of Zeus, Agent Tesla, Dridex, and DanaBot. However, after the Dyre botnet was retired in 2016 and the infrastructure supporting the prolific Emotet botnet was disrupted by Europol and the FBI last year, more attention has been paid to Trickbot activities.
The malware is modular, which means that users can adopt the software to conduct a wide range of attacks – and these assaults can be tailored depending on the desired victims.
On February 16, Check Point Research (CPR) published a new study on Trickbot, noting that the malware is now being used in targeted attacks against customers of 60 “high profile” organizations, many of whom are located in the United States.
The companies themselves are not the victims of the malware. Instead, TrickBot operators are leveraging the brands’ reputations and names in numerous attacks.
According to CPR, the brands being abused by TrickBot include the Bank of America, Wells Fargo, Microsoft, Amazon, PayPal, American Express, Robinhood, Blockchain.com, and the