CISA Issues Advisory on TrickBot CampaignsCISA Issues Advisory on TrickBot Campaigns
US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warn security teams to guard against the advanced Trojan malware.
March 18, 2021
Schemes that employ TrickBot malware are cropping up again in North America, according to the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the FBI.
"A sophisticated group of cybercrime actors is luring victims, via phishing emails, with a traffic infringement phishing scheme to download TrickBot," the agencies' note in an advisory on the malware.
TrickBot is an advanced Trojan first identified in 2016. Originally designed as a banking Trojan to steal financial data, it is now a highly modular, multistage malware. Attackers often use TrickBot to drop other malware, such as Ryuk and Conti ransomware, or to serve as an Emotet downloader.
In the advisory, agency officials recommend security teams block suspicious IP addresses and train employees on awareness and phishing tactics to guard against Trickbot.
The full advisory can be found here.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023