New TrickBot Variant Targets Verizon, T-Mobile, and Sprint Users

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/new-trickbot-variant-targets-verizon-t-mobile-and-sprint-users/

A new Trickbot Trojan variant was spotted while focusing on stealing PIN codes from Verizon Wireless, T-Mobile, and Sprint users, marking a new step in this malware's development.

Secureworks Counter Threat Unit (CTU) researchers were the ones who spotted this new TrickBot version during August 2019 after discovering new dynamic webinjects targeting U.S. mobile users' information.

New modules were added to target Verizon Wireless users on August 5, T-Mobile customers on August 12, and Sprint clients on August 19.

The webinjects allow the threat group behind the TrickBot botnet — dubbed GOLD BLACKBURN by Secureworks — to inject additional code within its victims' websites via web sessions manipulation.

"When a victim navigates to the website of one of these organizations, the legitimate server response is intercepted by TrickBot and proxied through a command and control (C2) server," explain the researchers.

Read more below:

New TrickBot Variant Targets Verizon, T-Mobile, and Sprint Users

A new Trickbot Trojan variant was spotted while focusing on stealing PIN codes from Verizon Wireless, T-Mobile, and Sprint users, marking a new step in this malware's development.

www.bleepingcomputer.com

Botnet TrickBot Modifications Target U.S. Mobile Users

The long-running botnet TickBot added functionality to solicit PIN codes from mobile customers, which could allow threat actors to access victims’ voice and text communications.

www.secureworks.com