TrickBot is Updated and Can Steal Windows Database

There are many security threats that we can encounter when surfing the Internet, and many types of malware that can jeopardize the proper functioning of our systems. One of the threats that has been present in recent times is TrickBot, a Trojan that has been changing and adapting over time. Today we echo a report that TrickBot now also steals the Windows database.



TrickBot also steals Windows database

A group of security researchers has discovered a new TrickBot Trojan module that targets the database on compromised Windows domain controllers.

Remember that TrickBot is usually installed through other malware, such as Emotet. It can arrive through a simple email attachment, for example. The victim downloads it and their computer is infected.

Once TrickBot is on the system, its function is to collect user data. It can steal a wide variety of information that compromises the security and privacy of the victims. Now it seems that one of its goals is to steal the Windows database.

To carry out this type of attack, TrickBot downloads several modules that each perform a specific behavior, such as stealing cookies, browser information and OpenSSH keys, and spreading to other systems.

Security researcher Sandor Nemes has discovered a new TrickBot module called ‘ADll’ that executes a variety of Windows commands that allow the Trojan to steal a database from Windows Active Directory.


How to avoid being a victim of TrickBot

As we have seen, TrickBot is one of the threats that can put the security of users at risk. This makes it necessary to take into account certain tips to prevent systems from becoming infected. It is true that we can count on a wide range of tools that can help us, but we must also bear in mind that hackers update the way they attack to achieve their objectives.

The first tip is to have security software. There are many programs that we can install to protect our devices. We must bear in mind that computers need protection regardless of the operating system they run. We can use both free and paid tools.

It is also very important to keep systems properly updated. Sometimes vulnerabilities arise that are exploited by hackers to carry out their attacks. It is necessary to have the latest patches and updates installed to correct the security problems that may affect our equipment.

Finally, and most importantly, use common sense. We have seen that some varieties of malware such as TrickBot can arrive through email and a simple attachment. Avoid downloading or opening attachments that may be dangerous. It is always necessary to know the sender, to browse only secure pages and to avoid careless mistakes.