After many months of testing, the new banking Trojan called TrickBot began to perform attacks to owners of personal and business bank accounts at United Kingdom and Australia.
TrickBot is said to be fully functional and develops two advanced program manipulation techniques tour(server-side injections and redirection attacks) to compromise banking sessions.
Its effectiveness was tested for the first time by its creators last month, and in November it was released with two new synthetics in its malicious software. One is targeted at customers from four banks in the United Kingdom with redirection attacks, and the other beats bank account holders in Australian banks using server-side injections.
Users of financial institutions in New Zealand, Germany and Canada are also targets of TrickBot but to a lesser extent, to date at least.
Malware distribution options by its creators show a preference for business bank accounts.
"They send spam malware to companies in waves," said IBM security consultant Limor Kessem. They have also tried the Rig exploit kit.
Researchers report that TrickBot has similarities with Cutwail botnet's malware and uses the same crypter as Vawtrak, Pushdo and Cutwail.
TrickBot is ready to become the next big threat, and a serious contender in the banking malware market.