Trickbot is about as bad as they come in the world of malware. It began as a malware strain in the Windows ecosystem, but security professionals have recently found samples of the code in the wild that prove that Trickbot has made the jump to the Linux world as well.
One of the things that makes this such a nasty little threat is the fact that it's best viewed as a multi-function toolkit.
It isn't just simple malware, which often has a limited bag of tricks and a very specific function. This is essentially the Swiss Army Knife of malware.
Another is the fact that just about any would-be hacker can get his or her hands on the code. Trickbot is often rented by hackers around the world who use it as a service to infiltrate whatever network they set their sights on and harvest whatever sort of data they're after.
Finally though, there's the fact that a Trickbot attack isn't 'just' a Trickbot attack. Once that malware strain has stolen whatever data the user wanted, it will often then be used to deploy a ransomware strain like Conti or Ryuk. It hits the target system with a devastating one-two punch, stealing yet more data and then encrypting files and locking down broad swaths of the victim's network.
NetWalker ransomware was first detected in August 2019 and has made a strong surge in 2020, extorting approximately $29M since March. An FBI alert warns that NetWalker ransomware hackers are targeting U.S. and foreign government organizations. Ransomware-as-a-service is evolving into a lucrative business threat for SMBs, regardless of your industry.
The most recent company to have fallen victim to hackers is Havenly. They are a US-based interior design firm with an interactive website that allows users to get interior design help from certified professionals.
The company reported the breach on August 2nd, 2020, but it was first discovered by researchers at BleepingComputer on July 27th.
They discovered a massive database on the Dark Web that contained more than 386 million user records from 18 different companies. Inside that database, BleepingComputer found 1.3 million user records from Havenly.com.
Do you have a Netflix account? If so, you're certainly not alone. Since the start of the pandemic, the company has experienced unprecedented growth, and is now the video streaming service of choice for tens of millions. If you're one of those, be aware that an as-yet-unknown group of hackers has developed an exceptionally convincing-looking phishing scam designed to harvest Netflix payment information.
The attack begins just like many do, with the receipt of an email explaining that your monthly Netflix payment failed. The email "helpfully" provides a link to what appears to be Netflix, complete with information boxes that allow you to re-enter your payment information.
The hackers took pains to make sure that their bogus email address bore a strong resemblance to the actual Netflix customer support email address. They also made sure the screen provided for you to enter your credit card information is a convincing replica of the real thing.