As per cyber threat intelligence firm Test Level Analysis (CPR), Trickbot, a financial Trojan infection that targets businesses and consumers for personal data, has infected over 140,000 devices belonging to customers of Amazon, Microsoft, Google, and 57 other organizations since November 2020. The investigation focuses on Trickbot, a well-known banking Trojan that was first discovered in 2016 and has since expanded into a botnet, ransomware, and malware ecosystem.
Threat actors have frequently used the bedfellows to mount multiple attacks in the past. TrickBot was frequently provided as a payload in specialized email phishing attacks by Emotet, though TrickBot has also delivered Emotet samples — the hazardous scenario at hand currently.
CPR has detected how Trickbot's writers are targeting high-profile individuals in order to steal and corrupt valuable sensitive data. At the same time, everyone should understand the people in charge of the infrastructure are highly skilled in virus development. Trickbot is mostly used to steal financial information, account credentials, personally identifying information, and even bitcoin. It's a modular malware that can be adapted to a variety of different use scenarios, which makes it far more dangerous.
More than 140,000 devices infected, according to Alexander Chailytko, Check Point's cybersecurity, research, and innovation manager, seem to be mostly computers belonging to the general population, as well as "some companies." The data gathered represents telemetry which has been obtained from its clients, however, it is "greater than" 140,000. As a result, the security vendor may have more or less visibility in specific parts of the world, according to Chailytko.
"Trickbot has affected one out of every 45 enterprises. Over the previous few months, we've noticed a decrease in Trickbot campaign activity," the cybersecurity researcher stated. Users may defend it against Trickbot by only opening documents from reputable sources, using separate unique passwords profiles, and updating similar functionality and antivirus updated with the latest.
