Tag: Trickbot

Emotet is back again: what does it mean?

Emotet is back again on the scene and, to be fair, we’re not surprised. Its predictable return has come just ten months after the takedown of its infrastructure, following an internationally coordinated law enforcement operation in January 2021. If you need a refresher on that operation, Digital Shadows (now ReliaQuest) published two analyses a few […]

ShadowTalk Update – 11.12.2018

In this week’s ShadowTalk, we discuss the big vulnerability and exploit stories of the week. The team discuss the Cisco denial-of-service vulnerability affecting its Adaptive Security Appliance (ASA), as well as a vulnerability in Oracle’s VirtualBox technology posted to GitHub. Dr. Richard Gold, Rafael Amado and Michael debate the benefits and drawbacks of bug […]

Five Threats to Financial Services: Banking Trojans

A couple of weeks ago, we learned about a new phishing campaign that delivered Trickbot in an attempt to harvest the credentials of online banking customers. This latest wave targeted UK users, pretending to come from HMRC (HM Revenue & Customs). The actors exploited a vulnerability in Internet Explorer (CVE-2018-8174), for which a patch was […]

Shadow Talk Update – 03.26.2018

This week’s Shadow Talk discusses what the Cambridge Analytica revelations mean for disinformation and personal privacy, updates to the Trickbot, Zeus Panda and Ramnit trojans, the ransomware attack on the City of Atlanta, and the attribution of the Dragonfly campaign to the Russian Government. US pins energy-sector attacks on Russia-backed threat group: The United States government has named the threat group […]

Coming to a Country Near You? The Rapid Development of The TrickBot Trojan

Since the discovery of TrickBot in September 2016, its operators have continued to develop the malware to include the targeting of new locations and customers of new banks. This was demonstrated by both independent reporting and through Digital Shadows (now ReliaQuest)’s analysis of the configuration files used by the malware. These files contain bank domains […]