Endgadged reported that "TrickBot malware may recently have stolen as many as 250 million email accounts, including some belonging to governments in the US, UK and Canada. The malware isn't new. In fact, it's been circulating since 2016.
But according to cybersecurity firm Deep Instinct, it has started harvesting email credentials and contacts. The researchers are calling this new approach TrickBooster, and they say it first hijacks accounts to send malicious spam emails and then deletes the sent messages from both the outbox and trash folders.
In a recent investigation, Deep Instinct found a database containing 250 million compromised email accounts. The firm says millions of those belong to governments in the US and UK, as well as agencies in Canada.
The database contained more than 25 million Gmail addresses, 19 million Yahoo.com addresses and 11 million Hotmail.com addresses. AOL, MSN and Yahoo.co.uk were also hit. As DeepInstinct points out, TrickBot could use those emails to distribute more of its own malware.
According to TechCrunch, the researchers first detected TrickBooster on June 25th. Deep Instinct is still investigating, and it's in the process of sharing information with authorities. The update is unsettling, as it's so widespread, and as Deep Instinct puts it, TrickBooster is a "powerful addition to TrickBot's vast arsenal of tools."
Yikes.
Don't be a victim again. Get your Ransomware Hostage Rescue Manual.
New 2019 Edition! Get the most informative and complete hostage rescue manual on Ransomware. This 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with malware like this. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:
- What is Ransomware?
- Am I Infected?
- I’m Infected, Now What?
- Protecting Yourself in the Future
- Resources
Don’t be taken hostage by ransomware. Download your rescue manual now!
Or cut & paste this link in your browser: http://info.knowbe4.com/ransomware-hostage-rescue-manual-0