It has been reported lately that Trickbot Trojan malware penetrates the banking systems by using a malvertising campaign. Thus, it is believed that the spam campaign has been active for a few months. The malware attack targets to steal the login details, personal information and authentication codes.
However, now the time has come to the blockchain platform which is closely related to financial institutions.
As Forcepoint reports, they found out that a Trickbot campaign now targets cryptocurrencies and reported to have targeted PayPal.
It is significant that the malware also targets Coinbase, a cryptocurrency exchange which solely involves cryptocurrencies like Bitcoin, Ethereum, Litecoin and other digital assets that are now under the threat of being stolen.
A functional that allows to display a fake login form in the browser when you visit Coinbase.com was found in the Trojan configuration. With the help of Trickbot scammers can steal money from the compromised accounts. According to the reports, this version of Trickbot was discovered last week in a small spam campaign. The Troyan disguised under the documents of the Canadian Imperial Bank of Commerce (CIBC) and was supposedly focused primarily on Canadian users.
Trickbot is a new malware that appeared in the fall of 2016. Some experts speculate that Trickbot and the bank's Trojan Dyre have one developer.