The End of TrickBot

June 7, 2022

The malware of many tricks and no treats

In 2016, the threat group Wizard Spider developed TrickBot – a highly modular banking trojan believed to be the successor of Dyreza. The malware targets a wide range of industries, including academic, energy, financial services, healthcare, manufacturing, media, retail, telecommunications, and technology. 

The clever modularity of TrickBot’s design allowed multiple plugins to be deployed over the years, creating mutants with additional abilities such as worming, evasion techniques, information harvesting, and a lot more. Lots of tricks indeed.

Despite its success and popularity, the Wizard Spider group has decided to drop the project and focus on the development of the more profitable Conti Ransomware. 

On our platform, you can gain comprehensive insight into the different modular capabilities of TrickBot and explore meaningful defense methods to protect against it.

