Trickbot can now obtain your remote access credentials
The Banking Trojan called Trickbot has an updated ability and can now harvest your username and passwords from remote access type applications. This would allow the hacker to remote into systems using the username and password obtained.
TrendMicro Analysts stated “The malware arrives via an email disguised as a tax incentive notification from a major financial services company. This email includes a macro enabled (XLSM) Microsoft Excel spreadsheet attachment (detected as Trojan.W97M.MERETAM.A) that purportedly contains the details of the tax incentive. However, as these attachments usually go, this macro is malicious and will download and deploy Trickbot on the user’s machine once activated.”
The figure below is the email that someone will receive with the malware payload disguised as an attached excel document. Please be vigilant, don’t open an attachment unless you know who it is from & are expecting it.
You can be more safe by following the best practices against spam. This includes being aware of the main characteristics of a spam email, such as a suspicious sender address and random attachments. We also recommended that users be cautious about email messages that instruct you to enable macros before downloading Word or Excel attachments.
- Automating System Updates with Unattended-Upgrades on Ubuntu
- How to Add a Large Disk Partition as Storage in Proxmox VE
- How to Remove Radmin Viewer with PowerShell
- How to Automate Ubuntu Server System Updates and Package Installation
- Introducing Zevonix: Your Pathway to Smarter IT
Discover more from Patrick Domingues
Subscribe to get the latest posts sent to your email.
Loading ...