One of the Internet’s most aggressive threats could take UEFI malware mainstream

by
Dan Goodin
from Ars Technica - All content on (#5B5XG)
malware-800x600.jpg

Enlarge (credit: Getty Images)

One of the Internet's most aggressive threats has just gotten meaner, with the ability to infect one of the most critical parts of any modern-day computer.

Trickbot is a piece of malware that's notable for its advanced capabilities. Its modular framework excels at gaining powerful administrator privileges, spreading rapidly from computer to computer in networks and performing reconnaissance that identifies infected computers belonging to high-value targets. It often uses readily available software like Mimikatz or exploits like EternalBlue stolen from the National Security Agency.

Once a simple banking fraud trojan, Trickbot over the years has evolved into a full-featured malware-as-a-service platform. Trickbot operators sell access to their vast number of infected machines to other criminals, who use the botnet to spread bank trojans, ransomware, and a host of other malicious software. Rather than having to go through the hassle of ensnaring victims themselves, customers have a ready-made group of computers that will run their crimeware.

Read 10 remaining paragraphs | Comments

index?i=lI7UGsuZVQA:o8TbW4Ba_jQ:V_sGLiPB index?i=lI7UGsuZVQA:o8TbW4Ba_jQ:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments