After many months of testing, the new bank Trojan called TrickBot began attacking owners of personal and business bank accounts in the UK and Australia.
TrickBot is said to be fully operational and develops two advanced server-side injections and redirection attacks to breach bank sessions.
Its effectiveness was first tested by its creators last month, and in November it was released with two new synthetics in malware of. One targets customers from four UK banks with redirect attacks, and the other hits bank account holders at Australian banks using server-side injections.
Users of financial institutions in New Zealand, Germany and Canada are also targets of TrickBot but to a lesser extent, to date at least.
Malware distribution options by its creators show a preference for business bank accounts.
"They spam the malware to companies, in waves," says the consultant security of IBM, Limor Kessem. They have also tried testing the Rig exploit kit.
Οι ερευνητές αναφέρουν ότι το ΤrickBot έχει ομοιότητες με το κακόβουλο software του Cutwail botnet and uses the same crypter as Vawtrak, Pushdo and Cutwail.
TrickBot is ready to become the next big threat, and a serious contender in the banking malware market.
