Trickbot banking malware added password and browser history stealing

The Trickbot banking malware has added yet another tool to its arsenal, allowing crooks to steal passwords as well as steal browser data including web history and usernames.

The malware first appeared in 2016, initially focused on stealing banking credentials - but Trickbot is highly customisable and has undergone a series of updates since then. The latest trick - picked up by researchers at both Trend Micro and Fortinet - is the addition of a new module designed to steal passwords.

This new Trickbot variant first emerged in October and is delivered to victims via a malicious Excel document.

Like many forms of malware, the malicious package is spread via macros: the user is told their document was created in an older version of Excel and that they must 'enable content' to view the file. This allows macros to run and executes malicious VBS code which kicks off the process of the malware download...


Read more: This banking malware just added password and browser history stealing to its playbook | ZDNet
 
Back
Top