TrickBot turns 100: Latest malware released with new features

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/trickbot-turns-100-latest-malware-released-with-new-features/

The TrickBot cybercrime gang has released the hundredth version of the TrickBot malware with additional features to evade detection. [...]

This latest build was discovered by Advanced Intel's Vitali Kremez, who found that they added new features to make it harder to detect.
With this release, TrickBot is now injecting its DLL into the legitimate Windows wermgr.exe (Windows Problem Reporting) executable directly from memory using code from the 'MemoryModule' project.

TrickBot turns 100: Latest malware released with new features

The TrickBot cybercrime gang has released the hundredth version of the TrickBot malware with additional features to evade detection.

www.bleepingcomputer.com

 

[silversurfer]

Just to inform people who don't know what's the legitimate process "wermgr.exe" (Windows Problem Reporting), this system process is signed by Microsoft.

Windows Error Reporting is a crash reporting manager for Windows operating systems. Wermgr.exe runs the error reporting software, and does not pose a threat to your computer.

wermgr.exe Windows process - What is it?

wermgr.exe often causes problems but is important for Windows 10/11/7. Click here to know how to avoid errors and how to remove the Virus version.

www.file.net