TrickBot

Malware Profile Updated a day ago
TrickBot is a notorious form of malware that infiltrates systems to exploit and damage them, often through suspicious downloads, emails, or websites. Once it has breached a system, TrickBot can steal personal information, disrupt operations, and even hold data hostage for ransom. It has been linked to various other malware and ransomware cases, such as RYUK, Conti, and APT29, demonstrating its widespread use among threat actors. Unlicensed versions of the tool have further complicated investigations into these cybercrimes.

Recently, significant progress has been made in the fight against this malicious software. A developer associated with TrickBot was sentenced to 64 months in prison, marking a major step in holding individuals accountable for their roles in creating and distributing this harmful malware. This sentencing is part of a broader global action against the criminal abuse of similar tools, coordinated by Europol. Notably, the operation also targeted ransomware hackers Mikhail Tsarev (aka Mango) and Maksim Galochkin (aka Bentley), who were members of the malware gang behind the TrickBot ransomware dropper.

In addition to these efforts, Operation Endgame, a Europol-led initiative, has been launched to disrupt the criminal networks behind prolific malware families, including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and TrickBot. This operation highlights the ongoing efforts by international law enforcement to combat the growing threat posed by these malware families. Furthermore, it underscores the interconnected nature of these threats, as Emotet, another malware, has been used to install TrickBot and Qbot, which steal users' bank data and carry out ransomware attacks.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
IcedID
8
IcedID is a type of malware, or malicious software, designed to exploit and harm computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, IcedID can steal personal information, disrupt operations, or even hold dat
Wizard Spider
5
Wizard Spider, also known as ITG23, DEV-0193, Trickbot Group, Fin12, and Grimspider, is a significant threat actor in the cybercrime landscape. This group has been continually analyzed by IBM Security X-Force researchers for its use of several crypters and is credited with creating the notorious, ev
Zeus
4
Zeus is a type of malware, short for malicious software, designed to infiltrate and damage computer systems. It can infect systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Zeus can steal personal information, disrupt operations, or even hold
Dyreza
3
Dyreza, also known as Dyre, is a sophisticated banking trojan malware that has garnered significant attention over the past several years. This malicious software is designed to exploit and damage computer systems, often infecting them through suspicious downloads, emails, or websites without user k
GOLD BLACKBURN
2
GOLD BLACKBURN is a threat actor known for its malicious cyber activities, including the operation of the TrickBot malware. This group has been observed in numerous ransomware incidents, highlighting their significant and ongoing threat to cybersecurity. The methods they employ are sophisticated and
Trickloader
1
TrickLoader is a malicious software (malware) that exploits and damages computer systems, often infiltrating through suspicious downloads, emails, or websites. It is designed to steal personal information, disrupt operations, or hold data hostage for ransom. Upon initial inspection of TrickLoader, i
Evil Corp
1
Evil Corp, a threat actor group based in Russia, has been identified as a significant cybercrime entity responsible for the execution of malicious actions. The alleged leader of this group is Maksim Yakubets, who is notably associated with Dridex malware operations. The U.S. Treasury imposed sanctio
UNC1878
1
UNC1878, tracked by Mandiant and identified by MITRE, is a notable threat actor involved in various cybercrime enterprises. This group is financially motivated and primarily monetizes network access via the deployment of Ryuk ransomware. A significant proportion of post-compromise activity linked to
Carberp
1
Carberp is a notable malware that has been widely used and modified by various threat actors. Its source code, which was leaked in 2013, has become the basis for a multitude of other malicious software due to its sophisticated design and capabilities. The malware can infiltrate systems through dubio
Hive Ransomware Gang
1
The Hive ransomware gang, a malicious group known for exploiting and damaging computer systems through harmful software, was significantly disrupted by the Federal Bureau of Investigation (FBI) in a series of operations. Six months ago, according to the US Department of Justice (DOJ), the FBI infilt
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Ransomware
Trojan
Botnet
Fraud
Cybercrime
Russia
Loader
Windows
Exploit
russian
Uk
Proxy
Backdoor
RaaS
Lateral Move...
Firefox
Extortion
Phishing
Trojan Malware
Linux
Dropper
Spam
Android
Bitcoin
Payload
Bot
Reconnaissance
Ransom
Treasury
Cybercrimes
Spyware
Worm
Vpn
Chrome
Crypting
Ddos
Apt
Netskope
Github
Ukraine
Kubernetes
Remote Code ...
Zero Day
Acrobat
Sandbox
Espionage
Europol
Tool
Locker
Crypter
Mikrotik
Known Exploi...
Outlook
Malware Drop...
Talos
Microsoft
Hospitals
Government
Police
Banking
United Kingdom
Telegram
exploitation
Russia’s
Nca
Mastodon
Cobalt Strike
Cybereason
Evasive
British
Crowdstrike
Keepass
Encryption
Antivirus
Decoy
Maas
Openssh
Downloader
Exploits
Governments
Encrypt
Associated Malware
ID | Type | Votes | Profile Description
Emotet | Unspecified
13
Emotet is a highly dangerous and insidious malware that has resurfaced with increased activity this summer. Originally distributed via email attachments, it infiltrates systems often without the user's knowledge, forming botnets under the control of criminals for large-scale attacks. Once infected,
Conti | Unspecified
12
Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in
Ryuk | Unspecified
11
Ryuk is a sophisticated malware, specifically a ransomware variant, that has been extensively used by cybercriminal group ITG23. The group has been employing crypting techniques for several years to obfuscate their malware, with Ryuk often seen in tandem with other malicious software such as Trickbo
Dyre | Unspecified
7
Dyre, also known as Dyreza or Dyzap, is a banking Trojan that was initially designed to monitor online banking transactions with the aim of stealing passwords, money, or both. It first emerged in 2009 and 2010, targeting victim bank accounts held at various U.S.-based financial institutions. These i
QakBot | Unspecified
6
Qakbot is a potent malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, disrupt operations, or e
Bazarloader | Unspecified
4
BazarLoader is a form of malware that has been utilized extensively by ITG23, a cybercriminal group. This harmful software infiltrates systems via suspicious downloads, emails, or websites, potentially stealing personal information, disrupting operations, or holding data for ransom. ITG23 has used B
Bumblebee | Unspecified
4
Bumblebee is a type of malware that has been linked to ITG23, a cybercriminal group known for its use of crypters such as Emotet, IcedID, Qakbot, Bumblebee, and Gozi. Distributed via phishing campaigns or compromised websites, Bumblebee enables the delivery and execution of further payloads. The sam
Emotet, Trickbot | Unspecified
4
None
Dridex | Unspecified
3
Dridex is a well-known malware, specifically a banking Trojan, that has been utilized by cybercriminals to exploit and damage computer systems. The malware infiltrates systems through dubious downloads, emails, or websites, often unbeknownst to the user, and can steal personal information, disrupt o
Hive | Unspecified
3
Hive, a notorious malware known for its destructive capabilities, has been used by cybercriminals to exploit and damage computer systems. One such instance involved the infamous Volt Typhoon, who exfiltrated NTDS.dit and SYSTEM registry hive data to crack passwords offline. This malicious software w
Bazarbackdoor | Unspecified
3
BazarBackdoor is a type of malware developed by ITG23, first identified in April 2020. It is commonly distributed via contact forms on corporate websites, bypassing regular phishing emails, which makes it harder to detect. The malware is often associated with BazarLoader, both of which were used ext
Smokeloader | Unspecified
3
SmokeLoader is a malicious software (malware) that has been extensively used by threat actors, particularly those associated with the Phobos ransomware. It functions as a backdoor trojan, often arriving on victims' systems via spoofed email attachments embedded with hidden payloads. Once downloaded,
Netwalker | Unspecified
2
NetWalker is a highly profitable ransomware kit, known for its ability to disable antivirus software on Windows 10 systems and encrypt files, adding a random extension to the encrypted ones. Once executed, it disrupts operations and can even hold data hostage for ransom. It has been observed that Ne
Lockbit | Unspecified
2
LockBit is a type of malware, specifically ransomware, that has been implicated in a series of high-profile cyber attacks on various organizations worldwide. The LockBit ransomware gang infiltrates systems often through suspicious downloads, emails, or websites, and once inside, it can steal persona
Cobaltstrike | Unspecified
2
CobaltStrike is a notorious form of malware that has been used in conjunction with other malicious software including IcedID, Qakbot, BazarLoader, Conti, Gozi, Trickbot, Quantum, Emotet, and Royal Ransomware. This malware is typically delivered through suspicious downloads, emails, or websites, ofte
Royal Ransomware | Unspecified
2
Royal Ransomware is a type of malware that has been causing significant disruptions in various sectors, particularly in the United States. Originating from the now-defunct Conti ransomware operation, Royal Ransomware was notorious for its multi-threaded encryption and ability to kill processes withi
Trickbot’s | Unspecified
2
None
Akira | Unspecified
2
Akira is a malicious software, or malware, specifically a type of ransomware known for its disruptive and damaging effects. First surfacing in late 2023, it has continued to wreak havoc on various entities, including corporations and industries. This ransomware infects systems through suspicious dow
Anchor | Unspecified
2
Anchor is a type of malware, short for malicious software, that infiltrates systems to exploit and cause damage. It can access systems through various methods such as suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can disrupt operations, steal personal info
cryptolocker | Unspecified
1
CryptoLocker is a type of malware, specifically ransomware, that emerged as a significant threat to cybersecurity worldwide. This malicious software infiltrated systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, CryptoLocker encrypted user
Phorpiex | Unspecified
1
Phorpiex is a notorious malware that has been identified as a substantial threat in the cyber landscape. This malicious software, designed to exploit and damage systems, infiltrates unsuspecting users' devices through suspicious downloads, emails, or websites. Once inside, it can cause significant h
Bazaloader | Unspecified
1
BazaLoader is a type of malware, malicious software designed to infiltrate and damage computer systems, often without the user's knowledge. It is typically distributed through suspicious downloads, emails, or websites, and once inside a system, it can steal personal information, disrupt operations,
Azorult | Unspecified
1
Azorult is a type of malware, or malicious software, that infiltrates systems to exploit and damage them, often without the user's knowledge. It has historically been one of the favored infostealers sold on the marketplace 2easy, alongside RedLine, Raccoon, Vidar, and Taurus. However, as of late Feb
Agenttesla | Unspecified
1
AgentTesla is a well-known remote access trojan (RAT) that has been used extensively in cybercrime operations. It infiltrates systems through various methods, including malicious emails and suspicious downloads. Once inside, it can steal personal information, disrupt operations, or hold data hostage
Infamous Chisel | Unspecified
1
Infamous Chisel is a malicious software (malware) that has been identified as a significant threat to Android users globally. It is designed to exploit and damage the targeted systems, infiltrating them via suspicious downloads, emails, or websites. Once inside, it can steal personal information, di
Gameover Zeus | Unspecified
1
Gameover ZeuS, also known as P2P ZeuS, is a notorious piece of malware designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even
3am | Unspecified
1
3AM is a new and sophisticated ransomware family that has recently emerged in the cyber threat landscape. The malware, known for its malicious intent to exploit and damage computer systems, operates by infiltrating the target infrastructure through suspicious downloads, emails, or websites. Once ins
Hijackloader | Unspecified
1
HijackLoader is a new form of malware that is gaining rapid popularity within the cybercrime community. This malicious software, like others of its kind, is designed to infiltrate computer systems and devices, often unbeknownst to the user, through suspicious downloads, emails, or websites. Once ins
Pegasus | Unspecified
1
Pegasus is a highly sophisticated malware developed by the NSO Group, known for its advanced and invasive capabilities. It is classified as mercenary spyware, often used by governments to target individuals such as journalists, political activists, and others of interest. Pegasus is particularly not
Bazar Loader | Unspecified
1
Bazar Loader is a type of malware that infiltrates systems through phishing emails containing links to Google Drive, where the payload is stored. It's associated with the threat actors behind Trickbot and Anchor malware, as evidenced by our previous research from December 2019. The Bazar loader and
Bazar Backdoor | Unspecified
1
The Bazar Backdoor is a malicious software (malware) that infiltrates systems through suspicious downloads, emails, or websites. Named after its use of EmerDNS blockchain domains, the Bazar loader and Bazar backdoor are associated with the threat actors behind Trickbot, Anchor malware, and other cyb
Systembc | Unspecified
1
SystemBC is a malicious software (malware) that has been used in various cyber attacks to exploit and damage computer systems. This malware was observed in 2023, being heavily used with BlackBasta and Quicksand. It has been deployed by teams using BlackBasta during their attacks. Play ransomware act
Pikabot | Unspecified
1
PikaBot is a harmful malware that emerged in 2023, designed to exploit and damage computer systems. It infiltrates systems through dubious downloads, emails, or websites, often undetected by the user. Once inside a system, PikaBot can pilfer personal information, disrupt operations, or even ransom d
Bokbot | Unspecified
1
BokBot, also known as IcedID or Anubis, is a type of malware first discovered by X-Force in September 2017. It's a banking trojan that has been widely used in cybercrime operations to steal sensitive information such as banking credentials from infected computers. The malware infects systems through
Ragnar Locker | Unspecified
1
Ragnar Locker is a type of malware, specifically a ransomware, that has been designed to infiltrate computer systems, often without the user's knowledge. It can enter systems through suspicious downloads, emails, or websites and once inside, it has the capability to steal personal information, disru
Valak | Unspecified
1
Valak is a type of malware, or malicious software, that infiltrates systems to exploit and damage them. It was distributed by threat actor TA551, which has historically pushed various families of information-stealing malware such as Ursnif and IcedID. Valak, in particular, is known as a malware down
Rhysida Ransomware | Unspecified
1
Rhysida ransomware is a type of malicious software that has been implicated in a series of high-profile cyber attacks. This malware infiltrates systems via suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or even hold data hostage for
Cherry | Unspecified
1
Cherry is a malicious software, or malware, that has recently impacted Cherry Health, a Michigan-based healthcare provider. The malware infiltrated the system through unknown means, disrupting operations and causing a significant ransomware attack. This incident underscores the security challenges f
Qbot | Unspecified
1
Qbot, also known as Qakbot or Pinkslipbot, is a modular information-stealing malware that emerged in 2007 as a banking trojan. Over the years, it has evolved into an advanced malware strain used by multiple cybercriminal groups to compromise networks and prepare them for ransomware attacks. The firs
Agent Tesla | Unspecified
1
Agent Tesla is a malicious software (malware) that exploits and damages computer systems, often infiltrating the system through suspicious downloads, emails, or websites. This malware can steal personal information, disrupt operations, and potentially hold data for ransom. Agent Tesla has been obser
Maze | Unspecified
1
Maze is a type of malware, specifically ransomware, that gained notoriety in 2019 for its double extortion tactic. This malicious software infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Maze w
REvil | Unspecified
1
REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot
Gozi | Unspecified
1
Gozi is a notorious malware that has been linked to numerous cyber attacks. It's typically delivered through sophisticated malvertising techniques, often used in conjunction with other initial access malware such as Pikabot botnet agent and IcedID information stealer. When an individual accesses a c
Diavol | Unspecified
1
Diavol is a type of malware, specifically ransomware, that infiltrates systems to exploit and cause damage. It can infect systems through various channels such as suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Diavol can steal personal information, disrupt ope
Bazar | Unspecified
1
"Bazar" is a form of malware, a malicious software designed to exploit and damage computer systems. This harmful program can infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once it gains access, it can steal personal information, disrupt operations, o
Team9 | Unspecified
1
Team9 is a malware, short for malicious software, that poses significant threats to computer systems and data. The malware's operations start with the Team9 loader, which upon examination shows a XOR key of the infection date in the YYYYMMDD format (ISO 8601). This loader downloads a XOR-encoded pay
Trickbot-Anchor | Unspecified
1
None
Formbook | Unspecified
1
Formbook is a type of malware known for its ability to steal personal information, disrupt operations, and potentially hold data for ransom. The malware is commonly spread through suspicious downloads, emails, or websites, often without the user's knowledge. In June 2023, Formbook was observed being
Associated Threat Actors
ID | Type | Votes | Profile Description
Trickbot Group | Unspecified
10
The Trickbot Group, also known as ITG23, Wizard Spider, and DEV-0193, is a threat actor group notorious for its malicious activities. The group has been consistently analyzed by IBM Security X-Force researchers due to their development and use of several crypters. In the fall of 2020, efforts were m
Hive Ransomware | Unspecified
2
Hive ransomware, a notorious threat actor, emerged as one of the most prolific groups in 2022, executing a series of cyberattacks with malicious intent. This group was responsible for numerous ransomware attacks, causing significant disruptions and damage across various sectors. However, in January
Conti Ransomware Gang | Unspecified
2
The Conti ransomware gang, a notorious threat actor in the cybersecurity landscape, has been responsible for extorting at least $180 million globally. The gang is infamous for the HSE cyberattack in 2021 and has been sanctioned by the National Crime Agency (NCA). In late 2021, experts suggested that
ITG23 | Unspecified
2
ITG23, also known as the Trickbot/Conti syndicate, is a significant threat actor that has been active since 2016 in the East European cybercrime arena. This group is renowned for its use of Reflective DLL Injection code in many of its crypters, with the presence of these crypters on a file sample be
Hive0106 | Unspecified
2
Hive0106, also known as TA551, is a notable threat actor recognized for its association with ITG23, another prominent entity in the cybercrime landscape. This partnership has been observed since mid-2021 by X-Force, a cybersecurity firm. Hive0106's primary role is as a distribution affiliate, delive
Conti Team | Unspecified
2
The Conti team, a threat actor group known for its malicious activities in the cyber realm, has seen significant developments and transformations over recent years. In September 2022, a splinter group from Conti Team One resurfaced under the name Royal Ransomware, conducting callback phishing attack
Zeon | Unspecified
2
Zeon, a known threat actor in the cybersecurity landscape, has been linked to several high-profile ransomware attacks. It was instrumental in crypting SVCReady and CargoBay loaders, observed in Quantum and Royal ransomware attacks respectively. Zeon has also employed third-party ransomware such as B
FIN7 | Unspecified
2
FIN7, a notorious threat actor group known for its malicious activities, has recently been identified as targeting a large U.S. carmaker with phishing attacks. This group, which has previously operated behind fake cybersecurity companies such as Combi Security and Bastion Secure to recruit security
Sandworm | Unspecified
1
Sandworm, a threat actor linked to Russia, has been identified as a significant cybersecurity risk. Known for its sophisticated and malicious activities, Sandworm has notably compromised 11 Ukrainian telecommunications providers, disrupting services and posing a substantial threat to the digital inf
APT29 | Unspecified
1
APT29, also known as Cozy Bear, SVR group, BlueBravo, Nobelium, Midnight Blizzard, and The Dukes, is a threat actor linked to Russia. This group is notorious for its malicious activities in the cybersecurity realm, executing actions with harmful intent. It has been associated with several high-profi
TA551 | Unspecified
1
TA551, also known as Hive0106, Shathak, and UNC2420, is a financially motivated threat group that has been active in the cybercrime landscape. This threat actor has been linked to various malware distribution activities, including those involving QakBot, IcedID, Emotet, Bumblebee, Gozi, and other ma
Zevs | Unspecified
1
Zevs is a threat actor, identified as being affiliated with the prominent distribution group Hive0106 (also known as TA551). This affiliation was revealed through leaked chats, where there were several instances of Bentley delivering crypted malware samples to affiliates and partners such as Cherry,
Zem | Unspecified
1
None
Zvs | Unspecified
1
None
EXOTIC LILY | Unspecified
1
Exotic Lily, an initial access broker (IAB), has been active since at least September 2021. The entity conducts highly sophisticated phishing campaigns to gain initial access to organizations and then sells this access to other threat actors, including ransomware groups. A notable example of their m
FIN6 | Unspecified
1
FIN6, also known as ITG08, Skelaton Spider, and MageCart, is a notorious threat actor that has been implicated in various cybercrime activities. The group gained notoriety for stealing credit cards through point-of-sale (POS) systems in retail and hospitality establishments, most notably in the Home
Peach Sandstorm | Unspecified
1
Peach Sandstorm, also known as Curious Serpens, APT33, Elfin, HOLMIUM, MAGNALIUM, and REFINED KITTEN, is a threat actor group believed to be linked to the Iranian nation-state. The group has been active since at least 2013 and has previously targeted sectors such as aerospace and energy for espionag
Anonymous Sudan | Unspecified
1
Anonymous Sudan, a threat actor group known for its malicious cyber activities, has recently been the subject of increased attention in the cybersecurity industry. This entity, which could consist of a single individual, a private company, or part of a government organization, is responsible for exe
Charming Kitten | Unspecified
1
Charming Kitten, an Iranian Advanced Persistent Threat (APT) group, also known as ITG18, Phosphorous, and TA453, is a significant cybersecurity threat. This threat actor has been associated with numerous malicious activities, exhibiting advanced and sophisticated social-engineering efforts. The grou
Rhysida | Unspecified
1
Rhysida, a ransomware-as-a-service (RaaS) group, emerged as a significant threat actor in May 2023. Initially targeting Windows, it later expanded its operations to Linux systems. The group is known for its distinct attack methodology that involves defense evasion, exfiltration of data for ransom, a
Redfly | Unspecified
1
RedFly, a threat actor group known for its malicious activities, has emerged as a significant cybersecurity concern. The group's operations are characterized by their strategic execution and targeted focus, often resulting in substantial security breaches. Threat actors like RedFly pose a significan
Zev | Unspecified
1
Zev is a threat actor that has been reportedly active since 2016. Initially, this group was known for distributing payloads such as Valak, IcedID, and QakBot. However, in late June 2021, the group started distributing Trickbot with the 'zev' gtag. By mid-to-late July 2021, they had switched to Bazar
Darkbit | Unspecified
1
DarkBit is a notable threat actor in the cybersecurity landscape, believed to be sponsored by the Iranian government. The group first gained significant attention following a ransomware and extortion attack on Technion, a leading research university in Israel, in February 2023. During this attack, a
TEMP.MixMaster | Unspecified
1
TEMP.MixMaster, a notable threat actor in the cybersecurity landscape, is associated with the deployment of Ryuk ransomware following TrickBot malware infections. This activity has been tracked by FireEye and has been linked to financially-motivated cyber attacks. The modus operandi of TEMP.MixMaste
ITG08 | Unspecified
1
ITG08 is a notable threat actor in the cybersecurity landscape, known for its malicious activities and strategic partnerships with other threat actors. This group has been linked to a series of attacks through Tactics, Techniques, and Procedures (TTPs) consistent with their known modus operandi. Whi
Grim Spider | Unspecified
1
GRIM SPIDER is a malicious threat actor, along with INDRIK SPIDER and BOSS SPIDER, that has been continuously operating in the cybersecurity landscape. These entities are responsible for executing actions with harmful intent, which could range from data breaches to deploying ransomware. The cybersec
MUMMY SPIDER | Unspecified
1
Mummy Spider, a known eCrime group, is recognized for its development of the Emotet malware. This threat actor has been linked to various names such as Gold Crestwood, TA542, and Mealbug, showcasing its extensive reach and influence in cybercrime activities. The cybersecurity industry has identified
Associated Vulnerabilities
ID | Type | Votes | Profile Description
CVE-2021-40444 | Unspecified
2
None
Repojacking | Unspecified
1
Repojacking is a software vulnerability that specifically targets repositories on platforms such as GitHub. This flaw in software design or implementation can lead to unauthorized access and manipulation of repositories, potentially leading to data breaches, codebase corruption, or dissemination of
Trickbot (Trickloader | Unspecified
1
None
Ms17-010 | Unspecified
1
MS17-010, also known as EternalBlue, EternalSynergy, or EternalRomance, is a significant remote code execution vulnerability in Microsoft's Server Message Block 1.0 (SMBv1) protocol. This flaw in software design and implementation was exploited by various malware strains, most notably the WannaCry r
CVE-2017-0143 | Unspecified
1
None
Source Document References
Information about the TrickBot Malware was read from the documents corpus below. This display is limited to 20 results.
Source | Created At | Title
Securityaffairs
a day ago
Security Affairs Malware Newsletter - Round 2
Securityaffairs
8 days ago
Security Affairs Malware Newsletter - Round 1
Securityaffairs
12 days ago
Operation Morpheus took down 593 Cobalt Strike servers used by threat actors
Securityaffairs
15 days ago
Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
BankInfoSecurity
21 days ago
European Union Sanctions Russian State Hackers
Securityaffairs
22 days ago
Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
a month ago
Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
InfoSecurity-magazine
a month ago
Ukrainian Cyber Police Identify Suspected LockBit and Conti Member
RIA - Information System Authority
a month ago
Topics of RIA’s quarterly overview: a clever Trojan is taking over Estonians’ computers and the HOIA app is safe
DARKReading
a month ago
Europol's Hunt Begins for Emotet Malware Mastermind
DARKReading
a month ago
Cops Swarm Global Cybercrime Botnet Infrastructure in 2 Massive Ops
Krebs on Security
2 months ago
‘Operation Endgame’ Hits Malware Delivery Platforms
BankInfoSecurity
2 months ago
European Police Take Down Botnet Servers, Make Arrests
InfoSecurity-magazine
2 months ago
Europol-Led Operation Endgame Hits Botnet, Ransomware Networks
Securityaffairs
2 months ago
Operation Endgame, the largest law enforcement operation ever against botnets
Securityaffairs
2 months ago
Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
2 months ago
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
3 months ago
Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
3 months ago
Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
DARKReading
3 months ago
TA547 Uses an LLM-Generated Dropper to Infect German Orgs