Attackers are exploiting the Black Lives Matter movement in an attempt to spread a strain of the ‘Trickbot’ banking trojan.
‘Trickbot’ is a banking trojan that is used in cyberattacks against businesses and individuals in the UK and overseas. Trickbot attacks are designed to access online accounts, usually bank accounts, in order to obtain personally identifiable information (PII). Criminals use PII to commit identity fraud, such as taking out loans in your name or applying for credit cards.
Trickbot can:
· Steal sensitive information, including banking login details and memorable information
· Gather detailed information about infected devices and networks
· Steal saved online account passwords, cookies and web history
· Steal login credentials for infected devices, including domain credentials
Attackers are posing as government officials in an effort to lure socially-minded victims into clicking on a malicious attachment in an email that appears to be a survey based around the Black Lives Matter movement. The messages use the subject lines “Vote anonymous about Black Lives Matter” or “Leave a review confidentially about Black Lives Matter” and say they contain a survey document. The attachment, if opened, surfaces a button urging recipients to “Enable Editing” or “Enable Content.” If clicked, the button activates malicious code that in turn downloads TrickBot, which then launches whatever payload is programmed into it.
Cybercriminals looking for a quick payday often latch onto popular movements, political happenings, or sporting events in order to capitalise on people’s interest in a given subject. More recently, attackers have adopted a lot of COVID-19- and coronavirus-themed lures to grab email recipients’ interest.
To protect yourself from trojans and other attacks like this one, always keep your software up to date, make sure your antivirus is reputable, and use best practices when reading emails (checking the address bar, and never opening attachments if the email is unrecognised).
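For mail administrators, the lure described above can be turned into a simple triage check. This is an added example, not part of the original article: it assumes the "survey document" is a Microsoft Office file, and the function names, verdict labels and sample-message builder are constructed for illustration.

```python
import email
import io
import re
import zipfile
from email import policy
from email.message import EmailMessage

# Subject lines quoted in the article, lowercased for comparison.
LURE_SUBJECTS = (
    "vote anonymous about black lives matter",
    "leave a review confidentially about black lives matter",
)
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container

def has_macro_capable_attachment(msg):
    """Assumption: the 'survey document' is an Office file. Flags legacy OLE2
    files and OOXML (zip) files that contain a VBA project."""
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if data.startswith(OLE2_MAGIC):
            return True
        if data.startswith(b"PK"):
            try:
                names = zipfile.ZipFile(io.BytesIO(data)).namelist()
            except zipfile.BadZipFile:
                continue
            if any(n.lower().endswith("vbaproject.bin") for n in names):
                return True
    return False

def triage(raw_bytes):
    """Return 'quarantine', 'review' or 'deliver' for one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    subject = re.sub(r"\s+", " ", str(msg["subject"] or "")).lower()
    lure = any(s in subject for s in LURE_SUBJECTS)
    macro = has_macro_capable_attachment(msg)
    if lure and macro:
        return "quarantine"
    return "review" if (lure or macro) else "deliver"

def sample_message(subject, attachment=None):
    """Build a constructed test message; addresses and filename are made up."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.test", "b@example.test", subject
    m.set_content("Please complete the attached survey.")
    if attachment is not None:
        m.add_attachment(attachment, maintype="application",
                         subtype="octet-stream", filename="survey.doc")
    return m.as_bytes()
```

A message that matches only one signal is sent for review rather than blocked, because macro-free documents and unrelated macro files are both common in legitimate mail.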
Cyber Wise has a variety of training courses tailored to your company that teach your employees the importance of software and antivirus updates, as well as training courses based around spotting phishing emails. Contact us now to arrange your risk-free trial.