Malicious actors behind the information-stealing malware TrickBot have added a new module that has helped them illicitly gather a database of 250 million legitimate email addresses.

Millions of these harvested addresses are linked to government agencies and employees in the U.S., according to Deep Instinct, whose researchers uncovered the new module and the giant database. In all likelihood, these addresses were collected for the purpose of targeting them in future TrickBot operations, explains a July 12 blog post by Deep Instinct malware and cyber intelligence expert Shaul Vilkomir-Preisman, who was assisted by fellow researcher Tom Nipravski.

U.S. governmental organizations whose emails show up in the TrickBot database include the Department of Justice, Department of Home Security, State Department, Social Security Administration, Internal Revenue Service, House of Representatives, NASA, the Postal Service and more. Various universities and governmental entities in the U.K. and Canada were cited in the database, including the U.K. Ministry of Defense and U.K. Public Health Office.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.