Under Attack? Breach Response Hotline: Call 833.997.7327 (US/CAN)

TrickBot Malware

CISA and FBI Issue Joint Advisory on TrickBot Malware

 

 

Caleb Boma | March 17th, 2021

CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on TrickBot malware. A sophisticated group of cybercriminals are using phishing emails claiming to contain proof of traffic violations to lure victims into downloading TrickBot. TrickBot is a highly modular, multi-stage malware that provides its operators with a full suite of tools to conduct a myriad of illegal cyber activities.

Joint Advisory on TrickBot Malware

To secure against TrickBot, CISA and the FBI recommend users and administrators review AA21-076A: TrickBot Malware as well as CISA’s Fact Sheet: TrickBot Malware for guidance on implementing specific mitigation measures to protect against this activity.

In CISA’s TrickBot fact sheet, they explain that TrickBot operators enter environments mainly through phishing campaigns. After they gain initial access, they may execute first or second-stage payloads, deploy additional ransomware such as Conti or Ryuk, and load TrickBot into other networks.

TrickBot has evolved its capabilities over time to evade security protocols and get the most out of their attacks. SpearTip’s engineers are aware of the evolution of TrickBot and work to defend against threats just like it every minute of the day.

SpearTip’s cyber experts continuously monitor environments 24/7 in our US-based Security Operations Center. Our certified engineers work in unison with our proprietary endpoint detection and response tool, ShadowSpear®. This allows your organization to have direct communication with our engineers at any moment and a completely transparent view of your risk profile.

If you think your organization has been breached, call our Security Operations Center at 833.997.7327.

Categories

Connect With Us

Featured Articles

Protecting Space Satellites
Protecting Space Satellites Using Cybersecurity
25 March 2024
Ransomware-as-a-Service
Growing Cyber Threat: Ransomware-as-a-Service
11 March 2024
Information Security Threats
10 Information Security Threats IT Teams Need To Know
08 March 2024
Data Protection
Companies Investing More Into Data Protection
06 March 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.