What’s new in TrickBot? Deobfuscating elements

TrickBot has been present in the threat landscape from quite a while. We wrote about its first version in October 2016. October 2018 marks end of the second year since TrickBot’s appearance. Possibly the authors decided to celebrate the anniversary by a makeover of some significant elements of the core. This post is an analysis of the updated obfuscation used by TrickBot’s main module.

Read more

Drive-by download campaign targets Chinese websites, experiments with exploits

This custom made drive-by download attack targets some Chinese websites and their visitors while experimenting with exploits.

Read more

Select your language