Experts with the international antivirus software developer ESET, together with Microsoft, NTT, and others have exposed a new global cyber threat, the Trickbot botnet.

Trickbot has infected over a million computing devices around the world since late 2016 and been a major nuisance for internet users, ESET reports.

Trickbot is one of the most prevalent banking malware families. Throughout its existence, Trickbot malware has been distributed in a number of ways. Recently, a chain we observed frequently is Trickbot being dropped on systems already compromised by Emotet, another large botnet. In the past, Trickbot malware was leveraged by its operators mostly as a banking trojan, stealing credentials from online bank accounts and trying to perform fraudulent transfers.

Видео дня

Read alsoSBU, police develop common approaches to protecting critical infrastructureTrickbot's modular architecture allows it to perform a vast array of malicious actions using a variety of plugins. It can steal all kinds of credentials from a compromised computer and, more recently, has been observed mostly as a delivery mechanism for more damaging attacks, such as ransomware.

Through the monitoring of Trickbot campaigns, experts collected tens of thousands of different configuration files, allowing them to know which websites were targeted by Trickbot's operators. These targeted URLs mostly belong to financial institutions.

Trying to disrupt an elusive threat such as Trickbot is very challenging and complex. It has various fallback mechanisms and its interconnection with other highly active cybercriminal actors in the underground makes the overall operation extremely complex, ESET reports.

As reported earlier, ESET said about 300,000 new cyber threats related to information security are recorded in Ukraine every day. At the same time, it is extremely difficult to trace hackers; all that remains for companies is to conduct monitoring every minute to identify cyber threats in order to further block them.

ESET is a global leader in IT security. The company was founded in Slovakia in 1992 and today it has representation in more than 180 countries.

Cyberthreats: Other reports