US and UK law enforcements imposed sanctions against 7 members of a cybercrime gang that stands after TrickBot malware, including top management. Cooperation between the U.S. The Department of Treasury and U.K Foreign, Commonwealth and Development office ended up identifying the personality of key actors of this malware gang. Sanctions brought serious restrictions upon financial… Continue reading TrickBot Members Sanctioned By U.S. and UK
Tag: Trickbot
Emotet Botnet Resumed Activity after Five Months of Inactivity
The Emotet botnet resumed activity and began sending out malicious spam again after a five-month break, during which the malware practically “lay low.” So far, Emotet is not delivering additional payloads to the infected devices of victims, so it is not yet possible to say exactly what this malicious campaign will lead to. Let me… Continue reading Emotet Botnet Resumed Activity after Five Months of Inactivity
TrickBot Hack Group Systematically Attacks Ukraine
IBM Security X-Force experts noticed that from the very beginning of the full-scale Russian invasion, the TrickBot hack group “systematically attacks” Ukraine, which has not been observed before. It is believed that from mid-April to June 2022, hackers have already organized at least six such phishing campaigns. Let me remind you that the TrickBot hack… Continue reading TrickBot Hack Group Systematically Attacks Ukraine
TrickBot causes crashes on the machines when cybersecurity experts studying it
TrickBot malware has received new features that make it more difficult to investigate and detect — for example, TrickBot has learned to crash the browser when suspicious manipulations are detected. TrickBot is one of the most famous and “successful” malware to date. The malware was first noticed back in 2015, shortly after a series of… Continue reading TrickBot causes crashes on the machines when cybersecurity experts studying it
Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware
The latest of this year, December’s patch Tuesday brought fixes for six 0-day vulnerabilities in Microsoft products, including a bug in the Windows AppX Installer that uses Emotet malware to spread. Microsoft patched 67 vulnerabilities in its products this month, seven of which are classified as critical and 60 are classified as important. Separately, Microsoft… Continue reading Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware
Emotet now installs Cobalt Strike beacons
The researchers warn that Emotet now directly installs Cobalt Strike beacons on infected systems, providing immediate access to the network for attackers. Those can use it for lateral movement, which will greatly facilitate extortion attacks. Let me remind you that usually Emotet installs TrickBot or Qbot malware on the victim’s machines, and that one already… Continue reading Emotet now installs Cobalt Strike beacons
Microsoft recommends Exchange administrators to disable SMBv1
Microsoft strongly recommends administrators disable the SMBv1 protocol on Exchange servers to protect against threats that exploit its vulnerabilities. Let me remind you that Microsoft has been implementing a systematic refusal to use the outdated SMBv1 for a long time. So, since 2016, the company has advised administrators to withdraw from SMBv1 support since this… Continue reading Microsoft recommends Exchange administrators to disable SMBv1
Greta Thunberg became the most popular character in phishing campaigns
Check Point analysts prepared a traditional monthly report on the most active threats, the Global Threat Index. Greta Thunberg and Christmas became the most popular topics in spamming and phishing campaigns. For already three months, the Emotet Trojan has occupied one of the leading positions among malware: in December, Emotet affected 13% of organizations worldwide,… Continue reading Greta Thunberg became the most popular character in phishing campaigns
Check Point named the most dangerous malware of November 2019
Check Point Research Team, Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a global cybersecurity solutions provider, published the Global Threat Index report, listing the most dangerous malware of November 2019. Experts said that for the first time in three years, a mobile Trojan entered the general list of malware, and it has become the most… Continue reading Check Point named the most dangerous malware of November 2019