TrickBot’s New Spearphishing Tricks - Binary Defense

Threat Watch

Share on facebook
Share on twitter
Share on linkedin

TrickBot’s New Spearphishing Tricks

Recently, TrickBot has developed a new, fairly successful lure that poses as a sexual harassment claim filed against their targets. Using information gathered through research of publicly available information about the target, the TrickBot threat actors can make these lures look very legitimate, which makes avoidance difficult. Additionally, the downloaded Microsoft Installer (.msi) file allows the malware to maintain very little detection rates.

ANALYST NOTES

Always make sure that any document received through email is legitimate. Many anti-virus solutions allow users to individually scan documents and files. If in doubt, opening the file in a VM or on a non-production computer may be best. Additionally, disabling macros from untrusted sources are another good way to stay protected. Source: https://www.malcrawler.com/awesome-spear-phish-techniques-from-those-tricky-tricksters-from-trickbot/

Contact Support

Please complete the form below and a member of our support team will respond as quickly as possible.