TrickBot Hackers Have Created the Ultimate “On the Fly” Update Backdoor



The newly-created “PowerTrick” backdoor leaves malware ready to accept new commands and victim organizations perpetually in danger of the next thing the malware’s creators can think of.

It’s bad enough to be infected with a sophisticated piece of malware that supports multiple attack functionalities to meet a variety of needs of those executing it. But this new version of malware from the cybercriminal group known as TrickBot puts their most valuable targets, usually financial institutions, at even higher risk.

According to security researchers at SentinelOne, TrickBot’s latest malware contains a stealthy backdoor tool, dubbed “PowerTrick”, that establishes persistence and allows for reconnaissance and the acceptance of future commands, making their malware updatable and extensible as TrickBot sees fit over time.

This is dangerous stuff; whatever the scheme is today, with this new post-exploit tool in place, TrickBot can easily launch a new attack within compromised organizations down the road.

And, while TrickBot has mostly focused on the finance sector, PowerTrick will simply be the next big thing to be adopted by other malware creators, making it a standard part of the attack. So, organizations in every vertical should take note and put measures in place to come as close as possible to ensuring no malware can infect endpoints.

This should include Security Awareness Training to reinforce the need for users to remain vigilant, assuming that some small percentage of malware will get past security solutions. Users who undergo this training are cognizant of the need to be watchful of emails and web content that seem suspicious in nature.

PowerTrick is just the first of what will likely become many extensible malware backdoors. You should assume we’ll be seeing more of this kind of methodology used by malware creators, and take steps today to prevent infection.

