The latest arrival to the banking malware scene, and successor to the infamous Dyre Trojan continues to evolve.
TrickBot previously targeted banks and businesses in Australia, New Zealand, Germany, UK, Ireland, Canada, India and Singapore.
In a recent update, this list has now expanded to include The United States.
Figure 1 – Map showing TrickBot’s global target distribution
Figure 2 – TrickBot configuration snippet showing newly added US based target.
TrickBot’s target tally now includes a total of 225 unique banking and business related URLs.
While this is still a far cry from vast numbers of banks and businesses targeted by Dyre globally, this number is very likely to grow in the future as the malware’s authors are constantly increasing their target tally and continue to improve their malware with new features and abilities.