Windows 10 - Trojan can disable Windows Defender (Trickbot)

Be careful out there!

" As reported on July 14 in Forbes , Trickbot is a particularly stealthy banking Trojan that has been around since 2016. Since then, it was thought to have compromised no less than 250 million email accounts in an effort to distribute the malware payload. That payload includes the stealing of online banking credentials and cryptocurrency wallets.

Microsoft has always been front and center as far as Trickbot attack campaigns are concerned, with weaponized Word and Excel files being a favored approach. The latest campaign is targeting Windows 10 users and implementing a highly detailed and convincing, but fake nonetheless, Office 365 page to prompt for browser updates that install the Trojan itself."

1 Like

Indeed, this is some nasty stuff. While Defender doesn’t have the best reputation

According to Dark Reading Trickbot “…can act as a dropper for other malware. An attacker can leverage TrickBot’s modules to steal banking information such as passwords and credit card numbers, conduct system and network reconnaissance, and propagate additional malware across networks or other areas.”

Also, Cyber Reason goes really in-depth on Trickbot and Emotet (and has some pretty good infographics).

1 Like

Thank you for the warning! I’m going to check to make sure my tamper proof is turned on!

1 Like

Thanks for information!

1 Like

Welcome Aboard FairyF!

1 Like