Old Exploits Up to Old and New Tricks: TrickBot

The classics never get old, do they? Sometimes an old classic receives a new look, like the remake of West Side Story or Ghostbusters. In the case of Conti ransomware, the classics that never get old are TrickBot and Cobalt Strike, used by Conti to distribute their ransomware. For TrickBot, the remake comes with creative new obfuscation techniques. This article discusses the current incarnation of TrickBot, its historical evolution, the new tradecraft it employs, and what the future holds according to some hints dropped in recent weeks.

TrickBot certainly merits discussion, as the stakes involved are high. During its campaigns, TrickBot has been used for bank account takeover, high-value wire fraud, and ransomware attacks striking critical organizations, to name a few of the consequences of its deployment.

