Published: August 20, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
No slouch when it comes to reinventing itself, TrickBot malware has evolved yet again. Considered the top threat to business on a global scale, TrickBot and its financial data-stealing abilities are prolific. In February of this year, TrickBot expanded its menu of mayhem, focusing on making it more difficult to detect and defend against. Now, just a few months later, TrickBot is at it again. Its latest added module, called Nworm, takes the ability to evade detection to a whole new level.
Since its debut in 2016, the banking Trojan has been very adept at stealing financial data, setting up opportunities for ransomware attacks. During this pandemic, TrickBot has also been linked to more coronavirus phishing emails than any other malware. Each tweak over the past two years included a change of focus from other countries to the U.S. in 2017. For TrickBot and its latest version, it’s not just about hijacking banking credentials anymore. Lately, it’s been all about making it impossible to detect. TrickBot’s ongoing history shows we may be dealing with improvements for years to come.
According to Trend Micro, “While this new variant…proves that the groups or individuals behind TrickBot are not resting on their laurels and continuously improve it, making an already-dangerous malware even more effective.”
There are precautions that businesses can take to prepare against the likes of TrickBot. Although security measures may not be 100% fool proof, being best prepared always helps with having the best results.
Educate employees to spot phishing emails, especially those that sound too good to pass up and also those with attachments. Don’t open emails from unknown senders and always verify any email requests having to do with finances and other sensitive information.
Always use the latest versions of operating systems and software and scan regularly with antivirus tools.
Update software as soon as patches or new versions are available. They often contain bug fixes and security updates.
Regularly backup important data offline. Having that data available can reduce the impact of a ransomware attack.
Use MFA (multi-factor authentication) making it more difficult for bad actors to access a data system.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org