informa
Quick Hits

TrickBot Comes to Cellular Carriers

A new malicious campaign seeks cell account PINs from victims.

Researchers have discovered that TrickBot, a credential-theft botnet operated by the Gold Blackburn threat group, has been modified to target mobile device users on Sprint, T-Mobile, and Verizon cellular networks.

The research, conducted by the Counter Threat Unit Research Team at SecureWorks, found that TrickBot is using its traditional techniques — a man-in-the-middle attack that captures a web session, routes it to a command-and-control server where code is injected to request user credentials, then sends the page to the victim — in requests to the websites run by the three cellular networks.

According to the report, the PIN requested by the malicious form indicates that the criminals are interested in perpetrating SIM-swap fraud.

For more, read here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "The Right to Be Patched: How Sentient Robots Will Change InfoSec Management."

Recommended Reading: