TrickBot Updated And Used Against Mobile Carrier Users

TrickBot Updated And Used Against Mobile Carrier Users

1 Star2 Stars3 Stars4 Stars5 Stars (Ingen stemmer endnu)
Loading ...

The well-known TrickBot malware has been updated with a new version and features so that it is used by a hacking group against mobile carrier users. The new variants are confirmed to be used against users of T-Mobile, Sprint, Verizon among others.

Major Mobile Carrier Users Targeted By Updated TrickBot Attacks

TrickBot is primarily known as a banking Trojan among the security community. Over time different hacking groups have created their own iterations for their own campaigns and developed it into a very dangerous weapon. Recently a group of security experts discovered that a new TrickBot release is used by hackers against users of popular mobile carriers such as Sprint, T-Mobile and Verizon. This is done by infecting sites and end devices with malicious code that will redirect the users when visiting the landing pages of the services to a fake phishing copy.

Relaterede: TrickBot Trojan Latest Variant Resilient to Disable Windows Defender

In order for this to work the web sites need to be injected with the required malicious code that are powered by TrickBot. As a result after the users request for the sites an injection will done in their browsers which will lead to to the display of the phishing domains. What’s particularly dangerous is that the introduction of this malicious code will lead to the display of extra information prompts — pin codes of the smart phones for example. The hackers will use the gathered information in order to launch a series of other crimes: blackmails, finansielle misbrug, identity theft and etc. This gives hackers the ability to carry out two specific scams:

  • Port-Out — When the information is acquired from the victims the hackers can institute theport-out scam”. This is the practice of fraud moving out of one carrier to another. This is done to automatically intercept messages, calls and other activity. When the porting process has completed the phone will shut off for the victim user and the hackers will be able to use the phone’s plan on another device.
  • SIM Swap Fraud — By acquining personal information and the device’s PIN numbers the attackers can access sensitive applications and services. Using the information the criminals can convince a carrier toswapthe SIM cards and link the identity of the victims to a hacker-controlled card.

The development of the TrickBot malware and the current versions of the threat showcase that the base is still used in numerous attack campaigns. We anticipate that hacking groups are interested in modifying the source code of the TrickBot across its multiple generations. As such we believe that the threat will be used in future attack campaigns as well.


Martin Beltov

Martin dimitterede med en grad i Publishing fra Sofia Universitet. Som en cybersikkerhed entusiast han nyder at skrive om de nyeste trusler og mekanismer indbrud.

Flere indlæg - Websted

Følg mig:
TwitterGoogle Plus

Efterlad en kommentar

Din e-mail-adresse vil ikke blive offentliggjort. Krævede felter er markeret *

Frist er opbrugt. Venligst genindlæse CAPTCHA.

Del på Facebook Del
Loading ...
Del på Twitter Tweet
Loading ...
Del på Google Plus Del
Loading ...
Del på Linkedin Del
Loading ...
Del på Digg Del
Del på Reddit Del
Loading ...
Del på Stumbleupon Del
Loading ...