Top

Trickbot Malware Goes After Remote Desktop Credentials

February 18, 2019

The banking trojan is consistently evolving in hopes of boosting its efficacy.

The banking trojan known as Trickbot has resurfaced, with an updated info-stealing module that allows it to harvest remote desktop application credentials.

According to Trend Micro’s Noel Anthony Llimos and Carl Maverick Pascual, a new variant has recently come on the scene, and is being spread via seasonally-themed spam emails that use tax-incentive lures purporting to be from Deloitte. The emails promise help for getting the most out of this year’s changes to the U.S. tax code. Yet attached is a macro-enabled Microsoft Excel spreadsheet, which once activated, will download Trickbot to the victim’s computer.

Read More on Threat Post