Trickbot is malware that has been around for a while, but according to Trend Micro it has developed a new delivery system. The malware deploys multiple modules onto the victim’s computer to steal browser data, system information, login credentials, and banking information. The newly found delivery system uses a “masking” technique: the spam is disguised as an email from well-known senders and includes order information, contact details, and social media icons of the legitimate sender. The malicious email contains a tracking link that, when clicked, redirects the user to a bogus website disguised to look like the online order. The fake site then downloads a compressed file to the victim’s computer and deploys several algorithms that steal the user’s information. Because this “masking” technique uses legitimate URLs, the spam email is capable of bypassing spam filters.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is