TrickBot Comes to Cellular Carriers

Researchers have discovered that TrickBot, a credential-theft botnet operated by the Gold Blackburn threat group, has been modified to target mobile device users on Sprint, T-Mobile, and Verizon cellular networks. The research, conducted by the Counter Threat Unit Research Team at SecureWorks, found that TrickBot is using its traditional techniques — a man-in-the-middle attack that captures a web session, routes it to a command-and-control server where code is injected to request user credentials, then sends the page to the victim — in requests to the websites run by the three cellular networks.

Read full article on Dark Reading

 


Date:

Categorie(s):