After many months of testing, the new bank Trojan called TrickBot began attacking owners of personal and business bank accounts in the UK and Australia.
TrickBot is reportedly fully functional and deploys two advanced techniques to manipulate the proletterof browsing (server-side injections and redirection attacks) to compromise banking sessions.
Its effectiveness was tested for the first time by its creators last month, and in November it was released with two new synthetics in its malicious software. One is targeted at customers from four banks in the United Kingdom with redirection attacks, and the other beats bank account holders in Australian banks using server-side injections.
Users of financial institutions in New Zealand, Germany and Canada are also targets of TrickBot but to a lesser extent, to date at least.
The malware's distribution options software by its creators show a preference for business bank accounts.
"They send spam malware to companies in waves," said IBM security consultant Limor Kessem. They have also tried the Rig exploit kit.
Researchers say TrickBot has similarities to Cutwail malware botnet and uses the same crypter as Vawtrak, Pushdo and Cutwail.
TrickBot is ready to become the next big threat, and a serious contender in the banking malware market.