TrickBot returns with new attack that compromised 250 million email addresses

The TrickBot malware, which earlier this year worked in tandem with the Ryuk ransomware to siphon millions of dollars for hackers, is back with a new attack that may have compromised as many as 250 million email accounts.

In a report by Deep Instinct, the cybersecurity company revealed a new variant of TrickBot that teams it up with a malicious, email-based infection and distribution module dubbed TrickBooster.

The new attack starts the same as in previous methods, with TrickBot infiltrating a victim’s computer. The malware then forces the machine to download TrickBooster, which reports back to a dedicated command and control server with lists of email addresses and log-in credentials harvested from the victim’s inbox, outbox, and address book. Afterwards, the TrickBooster server instructs the infected machine to send out malicious infection and spam emails, with the emails deleted from the outbox and trash folder to remain hidden from the victim.

In Deep Instinct’s investigation of TrickBooster and its associated network infrastructure, the cybersecurity firm discovered a database containing 250 million email accounts that were harvested by TrickBot operators. The addresses were likely also targeted with the malicious emails.

The recovered email dump includes about 26 million addresses on Gmail, 19 million on Yahoo, 11 million on Hotmail, 7 million on AOL, 3.5 million on MSN, and 2 million on Yahoo U.K. The compromised accounts also involved many government departments and agencies in the United States, including but not limited to the Department of Justice, the Department of Homeland Security, the Department of State, the Social Security Administration, the Internal Revenue Service, the Federal Aviation Administration, and the National Aeronautics and Space Administration. Others affected include government organizations and universities in the United Kingdom and Canada.

Deep Instinct spot checked a few thousands of the compromised email accounts against previously recorded security breaches, and found that the database is a new batch of addresses that has not been previously seen or reported.

The discovery of TrickBooster “highlights the success and sophistication of TrickBot,” according to Deep Instinct, while the model was described as “a powerful addition to TrickBot’s vast arsenal” of methods of attack.

Deep Instinct said that it continuing its research and analysis into TrickBooster, and that it is in the process of reporting the details of the new TrickBot attack to the authorities.

News

A new phishing scam targets Amazon users just in time for Prime Day

Security researchers at McAfee say that hackers have released a do-it-yourself kit that allows people to easily put together phishing scams targeting Amazon users -- just in time for Prime Day.
Small Business

The 15 best tech jobs boast top salaries, high satisfaction, lots of openings

June may be ending, but the bonanza of tech jobs just keeps coming. High-paying jobs abound at companies where people love to work. If you’re ready to make a change, this is a great time to look for something more fulfilling.   
Computing

Marriott faces $123M fine for huge data breach that targeted millions of guests

Hotel giant Marriott is facing a $123 million fine for a data breach that affected 339 million of its Starwood customers. The penalty comes just a day after British Airways was hit with an even bigger fine for a similar transgression.
Mobile

Huawei's Android alternative will be faster than Android, according to its CEO

The U.S. Commerce Department has added Huawei to its "Entity List." Google, Intel, and ARM are all confirmed or rumored to be ceasing business with the company, which may have disastrous effects on Huawei.
Computing

Walmart cuts price on RCA 11 Galileo Pro by $82, a budget tablet option for kids

Tablet PCs are a lightweight and affordable alternative to laptops. Check out this Walmart deal for the RCA 11 Galileo Pro if you are planning to get one. Walmart is offering the 11 Galileo Pro at a discounted price of $98.
Computing

The Microsoft Surface Laptop 2 gets a $140 price cut before Prime Day

We’ve already gathered some pre-Prime Day MacBook deals, but if you’re not a fan of Apple, this MacBook Surface Laptop 2 discount is worth a look. Though there will likely be more Prime Day laptop deals coming down the pipeline.
Deals

Walmart Prime Day sale: 4K TV, iPad, and Nintendo Switch Deals

Amazon Prime Day 2019 is here, and thousands of deals are already live. Of course, we should have known Walmart wasn't just going to sit back and let Amazon bask in the glory of its own Prime Day deals.
Deals

Early Prime Day deals: MacBook, 4K TV, AirPods, and Apple iPad discounts

Prime Day 2019 is coming fast and great early deals pop up every day. We've been tracking the hottest categories including smart home devices, 4K TVs, laptops, and headphones pulling out the best deals.
Deals

The Apple iPad Pro gets a huge $175 discount for Walmart’s Prime Day sale

Whenever online retailers battle for supremacy, shoppers usually win. And that's definitely the case with Walmart's iPad deals going on right now. If you're in the market for a 10.5-inch iPad Pro, you can pick one up with a $175 discount.
Deals

HP offers up its own sweet deals on Spectre x360 laptops for Prime Day 2019

Prime Day doesn't just mean Amazon's having a huge sale for its Prime members. Other companies like HP are offering their own deals and discounts. In fact, check out HP's current sale on its Spectre x360 laptops.
Deals

Best Prime Day Apple deals: iPad, MacBook, and AirPods discounts

Prime Day is officially here, and there are still some nice Apple deals to be had during Amazon's big event. We’ve rounded up iPads, Macbooks, and more, along with a quick and handy guide detailing what Apple deals you can expect to find.
Deals

Best Prime Day Apple deals: iPads, MacBooks, and Apple Watches

Prime Day is officially here, and there are still some nice Apple deals to be had during Amazon's big event. We rounded up a few right here, along with a quick and handy guide detailing what Apple deals you can expect to find.
Deals

The Eero Pro Wi-Fi system is $200 off in early Amazon Prime Day deal

Amazon Prime Day is a fine time to upgrade your home Wi-Fi system. Now, Amazon Prime members only can secure an early Prime Day deal on a mesh network wireless router, with the Eero Pro Wi-Fi system now just $299.
Smart Home

Amazon cuts prices on Google Wi-Fi mesh network router for Prime Day

Amazon cut prices on Google Wi-Fi mesh wireless network devices for Prime Day 2019. Google Wi-Fi systems mesh network routers are expandable. If you use a conventional router and want faster Wi-Fi, these deals can help you save.