Security News > 2020 > June > New propagation module makes Trickbot more stealthy

New propagation module makes Trickbot more stealthy
2020-06-01 09:53

Trickbot infections of Domain Controller servers has become more difficult to detect due to a new propagation module that makes the malware run from memory, Palo Alto Networks researchers have found.

Trickbot is also often dropped by Emotet as a secondary payload or is delivered via booby-trapped email attachments, but its lateral propagation mechanism is a big reason why it's become the bane of many a company's existence.

We already know that Trickbot developers are constantly working on improving the malware.

The best way to keep Trickbot infections at bay is to constantly and promptly update and patch Microsoft clients and servers.

The malware, on its own, is definitely bad new for enterprises, but Trickbot infections are also likely to be just one small part of a larger attack that will end with ransomware being deployed on many company systems and an even bigger headache to the victim organizations.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/z0OzD_To9pw/