silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,176
The notorious TrickBot malware mistakenly left a test module that is warning victims that they are infected and should contact their administrator.
In a recent release of the TrickBot malware analyzed by Advanced Intel's Vitali Kremez, the threat actors are mistakenly distributing a test version of their password-stealing grabber.dll module.
When loaded, this module displays a warning in the default browser stating that the program is gathering information and that the victim should ask their system administrator.
The warning shown by TrickBot's grabber module