IBM Security X-Force researchers have continually analyzed the use of several crypters developed by the cybercriminal group ITG23, also known as Wizard Spider, DEV-0193, or simply the “Trickbot Group”. The…
Browsing Category: trojan
TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware
Malware authors use various techniques to obfuscate their code and protect against reverse engineering. Techniques such as control flow obfuscation using Obfuscator-LLVM and encryption are often observed in malware samples.…
Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data
Shopping online is an increasingly popular endeavor, and it has accelerated since the COVID-19 pandemic. Online sales during the 2021 holiday season rose nearly 9% to a record $204.5 billion.…
Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds
IBM X-Force has been tracking the activity of ITG23, a prominent cybercrime gang also known as the TrickBot Gang and Wizard Spider. Researchers are seeing an aggressive expansion of the…
New ZE Loader Targets Online Banking Users
IBM Trusteer closely follows developments in the financial cyber crime arena. Recently, we discovered a new remote overlay malware that is more persistent and more sophisticated than most current-day codes.…
TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version?
October 2020 saw the TrickBot Trojan, a prominent cybercrime gang’s tool of choice, suffer a takedown attempt by security vendors and law enforcement. Unfortunately, the takedown was not effective, and…
Refocusing Cybersecurity Best Practices on Security Hygiene
Attackers often increase their efforts to breach networks and systems during troubling times. As organizations around the world focus on the COVID-19 pandemic, security hygiene should be a focus, too.
The post Refocusing Cybersecurity Best Practices on Security Hygiene appeared first on Security Intelligence.
QNodeService: Node.js Trojan Spread via Covid-19 Lure
Insights and Analysis by Matthew Stewart. We recently noticed a Twitter post by MalwareHunterTeam that showed a Java downloader with a low detection rate. Its name, “Company PLP_Tax relief due…
Zeus Sphinx Back in Business: Some Core Modifications Arise
The Zeus Sphinx banking Trojan is financial malware that was built upon the existing and leaked codebase of the forefather of many other Trojans in this class: Zeus v2.0.8.9. Over…
TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam
IBM X-Force monitors billions of spam emails a year, mapping trending, malicious campaigns and their origins. Recent analysis from our spam traps uncovered a new Trickbot campaign that currently targets…