After many months of testing, the new banking Trojan called TrickBot began to take effect attacks σε ιδιοκτήτες προσωπικών και επαγγελματικών τραπεζικών λογαριασμών στο Ηνωμένο Βασίλειο και την Australia.
TrickBot is reportedly fully functional and deploys two advanced program manipulation techniques browsing (server-side injections and redirection attacks) to compromise banking sessions.
Its effectiveness was tested for the first time by its creators last month, and in November it was released with two new synthetics in its malicious software. One is targeted at customers from four banks in the United Kingdom with redirection attacks, and the other beats bank account holders in Australian banks using server-side injections.
Users of financial institutions in New Zealand, Germany and Canada are also targets of TrickBot but to a lesser extent, to date at least.
Malware distribution options by its creators show a preference for business bank accounts.
“They spam the malware to Companies, in waves," says IBM security consultant Limor Kessem. They have also tried testing the Rig exploit kit.
Researchers say TrickBot has similarities to Cutwail malware botnet and uses the same crypter as Vawtrak, Pushdo and Cutwail.
TrickBot is ready to become the next big threat, and a serious contender in the banking malware market.
