Administrators of the TrickBot trojan - one of the most active and widespread malware today - are now able to carry out SIM replacement attacks (SIM swapping attacks).
This has been seen over the last month as the developers of TrickBot seem to have developed a new edition που μπορεί να παρεμποδίσει τα διαπιστευτήρια σύνδεσης και τους κωδικούς PIN για λογαριασμούς από διάφορες Companies mobile phone provider.
The data collected by TrickBot can allow malicious application administrators to carry out so-called SIM replacement attacks by transferring a victim's phone number to a SIM card under their control.
This of course allowed TrickBot administrators to bypass two-factor authentication using SMS and reset passwords to bank accounts, email accounts, or portals.changeof cryptocurrencies.
For the past two years, SIM replacement attacks have been one of their favorite techniques hackers targeting financial services.
It is worth mentioning that TrickBot was developed as a targeted trojan simple banking operations in 2016. Σήμερα έχει εξελιχθεί σε ένα μοντέλο Access-as-a-Service. Τι σημαίνει αυτό; Οι απατεώνες πίσω από το TrickBot επιτρέπουν και σε άλλους κακόβουλους προγραμματιστές να αναπτύξουν κακόβουλα προletteron computers that are already infected.
This allowed TrickBot authors to develop close ties with many other cybercrime "colleagues" and Secureworks (the security company that revealed the latest action of the trojan) fears that they could use these relationships to share or sell the data they have managed to collect in the last month.
_________________________
- Champion worldwide in Cybersecurity Leadership Matrix 2019 or ESET
- Windows 10 also collects non-diagnostic data
- Edge from Chromium, will Microsoft's new strategy succeed?
- Internet Archive is at risk of being blocked by ISPs
- You've drank microplastics but don't worry, at least not yet