TrickBot Comes to Cellular Carriers
A new malicious campaign seeks cell account PINs from victims.
Researchers have discovered that TrickBot, a credential-theft botnet operated by the Gold Blackburn threat group, has been modified to target mobile device users on Sprint, T-Mobile, and Verizon cellular networks.
The research, conducted by the Counter Threat Unit Research Team at SecureWorks, found that TrickBot is using its traditional techniques — a man-in-the-middle attack that captures a web session, routes it to a command-and-control server where code is injected to request user credentials, then sends the page to the victim — in requests to the websites run by the three cellular networks.
According to the report, the PIN requested by the malicious form indicates that the criminals are interested in perpetrating SIM-swap fraud.
For more, read here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "The Right to Be Patched: How Sentient Robots Will Change InfoSec Management."
About the Author(s)
You May Also Like
Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024Extending Access Management: Securing Access for all Identities, Devices, and Applications
June 4, 2024Assessing Software Supply Chain Risk
June 6, 2024Preventing Attackers From Wandering Through Your Enterprise Infrastructure
June 19, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024