Skip to main content

TrickBot returns with new attack that compromised 250 million email addresses

The TrickBot malware, which earlier this year worked in tandem with the Ryuk ransomware to siphon millions of dollars for hackers, is back with a new attack that may have compromised as many as 250 million email accounts.

In a report by Deep Instinct, the cybersecurity company revealed a new variant of TrickBot that teams it up with a malicious, email-based infection and distribution module dubbed TrickBooster.

The new attack starts the same as in previous methods, with TrickBot infiltrating a victim’s computer. The malware then forces the machine to download TrickBooster, which reports back to a dedicated command and control server with lists of email addresses and log-in credentials harvested from the victim’s inbox, outbox, and address book. Afterwards, the TrickBooster server instructs the infected machine to send out malicious infection and spam emails, with the emails deleted from the outbox and trash folder to remain hidden from the victim.

In Deep Instinct’s investigation of TrickBooster and its associated network infrastructure, the cybersecurity firm discovered a database containing 250 million email accounts that were harvested by TrickBot operators. The addresses were likely also targeted with the malicious emails.

The recovered email dump includes about 26 million addresses on Gmail, 19 million on Yahoo, 11 million on Hotmail, 7 million on AOL, 3.5 million on MSN, and 2 million on Yahoo U.K. The compromised accounts also involved many government departments and agencies in the United States, including but not limited to the Department of Justice, the Department of Homeland Security, the Department of State, the Social Security Administration, the Internal Revenue Service, the Federal Aviation Administration, and the National Aeronautics and Space Administration. Others affected include government organizations and universities in the United Kingdom and Canada.

Deep Instinct spot checked a few thousands of the compromised email accounts against previously recorded security breaches, and found that the database is a new batch of addresses that has not been previously seen or reported.

The discovery of TrickBooster “highlights the success and sophistication of TrickBot,” according to Deep Instinct, while the model was described as “a powerful addition to TrickBot’s vast arsenal” of methods of attack.

Deep Instinct said that it continuing its research and analysis into TrickBooster, and that it is in the process of reporting the details of the new TrickBot attack to the authorities.

Aaron Mamiit
Aaron received a NES and a copy of Super Mario Bros. for Christmas when he was 4 years old, and he has been fascinated with…
Microsoft Surface Laptop 5, Surface Pro 9 heavily discounted today
The Surface Pro 9 in laptop mode on a table.

Microsoft's Surface devices are well known for their versatility and performance, but they command premium prices. That's why there's always high demand for Surface Laptop and Surface Pro deals, as who doesn't want to enjoy a discount when making a huge investment? If you're interested, Best Buy is offering the Microsoft Surface Laptop 5 at $300 off, which brings its price down to $1,000 from $1,300, and the Microsoft Surface Pro 9 at $540 off, which lowers its price also to $1,000 from $1,540, ahead of the arrival of the consumer versions of the Surface Laptop 6 and Surface Pro 10. You need to push through with your transaction as soon as possible if either of these bargains caught your attention, as we're not sure how much time is remaining before they disappear.
Microsoft Surface Laptop 5 -- $1,000, was $1,300

The Microsoft Surface Laptop 5 is a traditional Windows 11 laptop that's powered by the 12th-generation Intel Core i5 Evo processor, Intel Iris Xe Graphics, and 8GB of RAM. It won't match up to the performance of the best laptops, but it's going to be more than enough to handle daily tasks for work or school. The laptop features a 13.5-inch PixelSense touchscreen with vibrant colors and sharp details, a battery that can last up to 18 hours on a single charge, and a 512GB SSD that provides ample storage space for your files. The Microsoft Surface Laptop 5 also comes with a 720p webcam and dual far-field Studio Mics for clear video calls.

Read more
The best MacBook to buy in 2024
Apple MacBook Pro 16 downward view showing keyboard and speaker.

Now that Apple has started outfitting its laptops with its M3 generation of chips, it's time to take another look at which is the best MacBook to buy in 2024. That’s not always easy, though, as buying the newest MacBook isn’t always the right decision. Apple has several tiers of performance, as well as various sizes, which can further complicate the matter.

What’s more, you can also still get M1 and M2 MacBooks, some from Apple’s own website and some from third-party retailers. But are they still worth your money? Our guide should help you decide.

Read more
9 best laptops of 2024: tested and reviewed
The MacBook Air on a white table.

To earn the crown as the best laptop in 2024, a device needs to have it all: gorgeous design, killer performance, a productive keyboard, long-lasting battery life, and much more.

Each of the laptops below has been vetted thoroughly by Digital Trends. Whether it's an affordable Chromebook or a top-of-the-line gaming laptop, they've all been subjected to real-world testing, as well as benchmark and battery tests, to collect enough data to objectively pit them against each other.

Read more