Old bot, new tricks.
TrickBot, a financially motivated malware in wide circulation, has been observed infecting victims’ computers to steal email passwords and address books to spread malicious emails from their compromised email accounts.
The TrickBot malware was first spotted in 2016 but has since developed new capabilities and techniques to spread and invade computers in an effort to grab passwords and credentials — eventually with an eye on stealing money. It’s highly adaptable and modular, allowing its creators to add new components. In the past few months it was adapted for tax season to try to steal tax documents for making fraudulent returns. More recently the malware gained cookie-stealing capabilities, allowing attackers to log in as their victims without needing their passwords.