Botnet TrickBot Modifications Target U.S. Mobile Users
released on 2019-08-28 @ 10:01:17 PM
Secureworks® Counter Threat Unit™ (CTU) researchers continually monitor the TrickBot botnet operated by the GOLD BLACKBURN threat group. A key feature of TrickBot is its ability to manipulate web sessions by intercepting network traffic before it is rendered by a victim's browser. TrickBot has targeted hundreds of organizations, mostly financial institutions, since it began widespread operation in October 2016. In August 2019, the dynamic webinjects used by TrickBot were augmented to include the following U.S.-based mobile carriers: Verizon Wireless, T-Mobile, Sprint