TrickBot Adds ActiveX Control, Hides Dropper in Images

2 March 2020

The TrickBot banking trojan has gotten trickier, with the addition of a Windows 10 ActiveX control to execute malicious macros in boobytrapped documents. Michael Gorelik, researcher at Morphisec Labs, said that at least two dozen documents have come to light in the last few weeks that use ActiveX—a feature in Remote Desktop Protocol (RDP) – to automatically trigger malicious macros in documents attached to targeted malspam emails.

Read full article on Threat Post

Date:

2 March 2020

Categorie(s):

NEWS

Tag(s):

Dropper, Evolve, Images, Macros, Malware

Audio deepfakes: What they are, and the risks they present16 April 2024
31% of women in tech consider switching roles over the next year16 April 2024
IntelBroker Claims Space-Eyes Breach, Targeting US National Security Data16 April 2024
From Idea to Success: How to Operationalize a Startup from Zero to Exit – Seth Spergel – BSW #34615 April 2024
CISA in a flap as Chirp smart door locks can be trivially unlocked remotely15 April 2024