TrickBot Malware Shuts Down Operations | Devs Focusing on Ransomware Operations?

TrickBot malware has already shut down its operations after more than a month of being inactive, putting an end to one of the most notorious malware operations out there.


TrickBot Malware

As per a news story by Bleeping Computer, TrickBot has been taking over Windows computers since 2016, infecting them in various ways, such as through other malware and phishing emails.

Once the notorious malware infects a computer, TrickBot could then perform various tasks, such as downloading data and locking the system.

Bleeping Computer noted that the TrickBot malware could lock the screen and steal passwords and cookies from browsers, as well as OpenSSH keys.

The notorious malware could also steal the Active Directory Services database of a domain.

TrickBot has been spreading massively to hundreds and thousands of online users through its phishing schemes that use prominent tech giants and financial companies to target its victims.

In recent years, the developers of TrickBot have been forging partnerships with some ransomware gangs. In fact, they even attempted to create their own ransomware operation, which was not successful.

The partner ransomware groups of TrickBot, including Ryuk and Conti, used the notorious malware to initiate their cyberattacks.

The TrickBot devs' own ransomware operation is Diavol, but it has not been a notable venture, as one of their gang members was arrested early on.

TrickBot Shuts Down

According to a report by The Record, the servers of the TrickBot developers have been inactive since December 2021. What's more, there have been no new reports of email phishing schemes from the notorious malware gang since then.


Vitali Kremez, the CEO of the cybersecurity company AdvIntel, said that "TrickBot is gone," confirming that the dangerous malware operation has finally ceased.

The AdvIntel boss said the shutdown comes after the aging TrickBot malware became highly detectable by various cybersecurity tools.

Another cybersecurity firm that goes by the name Intel471 said that TrickBot has failed to update its malware to keep up with the times since it was released.

Thus, the company said that "detection rates are high, and the network traffic from bot communication is easily recognized."

Devs Focusing on Ransomware?

As per a report by the cyber intelligence firm, Intel471, the folks behind the TrickBot malware are now shifting their focus to more profitable and lucrative endeavors.

The TrickBot devs have reportedly moved to the stealthier and newer BazarBackdoor ransomware.

This article is owned by Tech Times

Written by Teejay Boris

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.