The developers behind TrickBot have modified the banking trojan to target customers of major mobile carriers, researchers have reported.
As of August, the dynamic webinjects that TrickBot uses were updated to target Verizon Wireless, T-Mobile and Sprint, according to a blog post this week from Secureworks' Counter Threat Unit Research Team. When infected users visit the website of any of these carriers, TrickBot's C2 server will serve up a fake form field that asks them to enter their PIN code and, at least in certain cases, their username and password.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.