New TrickBot Attacks Detected

Computer security experts discovered that new strains of the TrickBot Trojan have been used in large-scale attacks against targets located in Asian countries.

TrickBot Now Hits Asian Targets

SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter

The TrickBot Trojan is an infamous malware threat that was discovered a few months ago. Since then the banking virus has been used in various large-scale attacks however only recently security experts discovered that a new wave of TrickBot malware is targeting victims in Asian countries.

The virus uses various types of redirection attacks to institute damage to the victims. The evolution of the threat has led to new strains of the Trojan which have new configuration files that target primarily Asian countries – India, Malaysia and Singapore are among the top targets so far.

The experts believe that this is due to the rising number of multinational corporations that have created their headquarters or major branches in countries like Singapore. There is a rising trend among all types of malware to target financial services or companies that may provide lucrative information which can lead to major financial gains. The TrickBot large-scale attacks are focused primarily on corporate and commercial banking, business accounts and wealth management profiles.

The operators of the new TrickBot viruses have devised a new type of redirection attacks. Now 58% of the URLs are targeted by the malware code as opposed to 355 in previous samples. This means that the virus can be much more efficient as it targets a larger number of banks and other types of sensitive accounts.

These attacks have proven to be very efficient in harvesting the online banking accounts of the compromised users. They are designed to bypass the traditional security measures by hijacking the sites before the victims have reached the bank’s site. The new forms of redirection attacks create cleverly designed replicas that are convincing to the users. The updated versions of TrickBot and other related malware even include the original bank’s URL’s and use a SSL certificate which makes it very hard for ordinary computer users to distinguish the counterfeit and the real service. The malicious sites are hosted on compromised servers that are under the control of the hackers which can capture their credentials and the two-factor authentication data.

The recent TrickBot attacks reveal that the hackers behind the Asian attacks have access to an organized infrastructure which has been designed to fool the high-profile targets. For more information on the virus you can read our previous article.

We advise everyone to stay protected by using a trusted anti-spyware tool that can protect computer users against malware threats and remove existing infections.

SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.


Related Posts