BleepingComputer reports that the Conti ransomware gang has already taken over the TrickBot malware operation.
AdvIntel researchers noted that while TrickBot had the Ryuk ransomware group as its partner for achieving initial network access, only Conti has been given the malware's high-quality network access supply last year, when the stealthier BazarBackdoor had already been developed by TrickBot developers as a means to better evade detection.
However, Conti has effectively made TrickBot its subsidiary after it had hired its developers and managers by the end of 2021, enabling it to control the development of BazarBackdoor, which has now become its primary initial access tool, according to researchers.
"After being “acquired” by Conti, [TrickBot leaders] are now rich in prospects with secure ground beneath them, and Conti will always find a way to make use of the available talent," said AdvIntel. Researchers also noted that despite the takeover, TrickBot will continue its operations against high-value targets.
SiliconAngle reports that ransomware attacks against the educational sector have significantly increased from 2018 to 2022 and are expected to reach a record high this year, with 85 attacks recorded during the first half of 2023 being almost two times higher than the same period in 2022.
Air Canada has confirmed being impacted by a data breach that compromised some of its employees' limited personal data and other records, reports The Record, a news site by cybersecurity firm Recorded Future.