Skip to main content
  1. Home
  2. Computing
  3. News

TrickBot returns with new attack that compromised 250 million email addresses

By

The TrickBot malware, which earlier this year worked in tandem with the Ryuk ransomware to siphon millions of dollars for hackers, is back with a new attack that may have compromised as many as 250 million email accounts.

In a report by Deep Instinct, the cybersecurity company revealed a new variant of TrickBot that teams it up with a malicious, email-based infection and distribution module dubbed TrickBooster.

Recommended Videos

The new attack starts the same as in previous methods, with TrickBot infiltrating a victim’s computer. The malware then forces the machine to download TrickBooster, which reports back to a dedicated command and control server with lists of email addresses and log-in credentials harvested from the victim’s inbox, outbox, and address book. Afterwards, the TrickBooster server instructs the infected machine to send out malicious infection and spam emails, with the emails deleted from the outbox and trash folder to remain hidden from the victim.

In Deep Instinct’s investigation of TrickBooster and its associated network infrastructure, the cybersecurity firm discovered a database containing 250 million email accounts that were harvested by TrickBot operators. The addresses were likely also targeted with the malicious emails.

The recovered email dump includes about 26 million addresses on Gmail, 19 million on Yahoo, 11 million on Hotmail, 7 million on AOL, 3.5 million on MSN, and 2 million on Yahoo U.K. The compromised accounts also involved many government departments and agencies in the United States, including but not limited to the Department of Justice, the Department of Homeland Security, the Department of State, the Social Security Administration, the Internal Revenue Service, the Federal Aviation Administration, and the National Aeronautics and Space Administration. Others affected include government organizations and universities in the United Kingdom and Canada.

Deep Instinct spot checked a few thousands of the compromised email accounts against previously recorded security breaches, and found that the database is a new batch of addresses that has not been previously seen or reported.

The discovery of TrickBooster “highlights the success and sophistication of TrickBot,” according to Deep Instinct, while the model was described as “a powerful addition to TrickBot’s vast arsenal” of methods of attack.

Deep Instinct said that it continuing its research and analysis into TrickBooster, and that it is in the process of reporting the details of the new TrickBot attack to the authorities.

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
These AI features might actually make me use Paint and Notepad again
Windows 11 logo on a laptop.

Your everyday Windows apps are going to get a whole lot smarter. As Microsoft mentions in its Windows Insiders Blog, using the Windows 11 Paint and Notepad app will improve thanks to new AI features that the tech giant is adding to make it more helpful for users. It's still in early testing, and there is no official information about when or if it'll roll out to all users.

For starters, the Notepad app for Windows 11, after getting an update that added autocorrect and spellcheck, is now getting a new Rewrite ability that helps you rewrite highlighted text following any instructions you add.

Read more
Best Samsung Galaxy deals: S24, Buds, Watches and more
The Galaxy Z Fold 4's Cover Screen.

Samsung’s Galaxy lineup is one of the more popular tech lineups on the market. Among it you’ll find some of the best headphone deals, best smartwatch deals, best tablet deals, and best phone deals available. Whatever piece of tech you may have your eye on Samsung likely has within the Galaxy lineup. These devices also see pretty significant discounts pretty regularly, so we thought we’d round up all of the best Samsung Galaxy deals to make finding the right Samsung Galaxy model for you more convenient. Read onward for all of the details on how to save, and if you’d like to shop more specifically within the Galaxy lineup you can start with Samsung Galaxy Z Flip 5 deals, Samsung Galaxy Z Fold 5 deals, Samsung Galaxy Buds deals, or Samsung tablet deals.
Samsung Galaxy Buds Pro 2 — $107 $199 46% off

The Galaxy Buds 2 Pro are the high-end model of Samsung’s Galaxy Buds earbuds. They make great competition for the best wireless earbuds even if they don’t make everyone’s list, and with their Intelligent Active Noise-Cancelation technology they compare well with the best noise-canceling headphones. The Galaxy Buds 2 Pro produce high quality audio whether you’re listening to music, watching movies, or talking on the phone, and they pair easily with any Bluetooth device.

Read more
A 2-in-1 has challenged the Surface Pro 11, but not how you might think
The ports shown on the side of the Surface Pro 11.

Microsoft's Surface Pro 11 epitomizes the detachable tablet form of 2-in-1 laptop, and it's come a long way since the company first introduced the form factor over a decade ago. The newest model leveraged Qualcomm's Snapdragon X chipset for strong performance and great battery life, making for the best version of the Surface Pro ever.

But the more popular 2-in-1 format is the 360-degree convertible, where the keyboard flips around from clamshell through tent and media modes into a tablet. HP's new OmniBook Ultra Flip 14, based on Intel's new Core Ultra Series 2 chips, is one of the best laptops in this category. But here's the question: Which makes for the better 2-in-1 experience?
Specs and configurations

Read more