A new malware campaign surfaced up, and this time the target is user passwords. The campaign is directed at Windows 10 users, but other platforms may be affected, as well.
It uses a password-stealing Trojan called TrickBot. The novelty of this malware, and also the dangerous part, is that it uses real-life information to deliver the payload.
What is this TrickBot malware and what does it do?
More specifically, as discovered by MalwareHunterTeam, a fake Office 365 page that is incredibly similar to a real one, providing even the links that lead to Microsoft, is prompting users to update their browser.
For the Chrome users, the message is called Chrome Update Center, and for the Firefox users, the message is entitled Firefox Update Center.
If you click on the Update button, the TrickBot information-stealing Trojan will automatically install on the PC and it will hide behind a svchost.exe process that will not raise any doubts in Task Manager.
After that, it will send sensitive information to a server. First, it’ll send info about the PC, programs, or services. Then, browsing data, login credentials, autofill information, and more importantly, passwords.
How can I protect my data from the TrickBot password-stealing Trojan?
If you’ve already encountered this malware campaign and clicked on the update button, we recommend that you immediately perform a full system scan to try to get rid of the Trojan.
To stay protected at all times, make sure that you use an anti-malware tool, or even better, an antivirus solution to keep you PC and your personal data safe.
If you’re looking for the best antivirus software to protect your data, check out this list with our best picks.
Don’t hesitate to take a look on that list and choose an antivirus that best fits your needs. And don’t forget to always keep your Windows updated, as this may save you from a lot of headaches.