Hackers pushing the TrickBot banking trojan are exploiting tax season by pushing malicious Microsoft Excel spreadsheet documents via spam campaigns.
Researchers said that they discovered the malware in three different campaigns since Jan. 27, 2019. These campaigns target victims with emails pretending to be from large accounting, tax and payroll services firms – including ADP and Paychex. However, in reality the messages were carrying malicious Microsoft Excel attachments that eventually download and execute TrickBot trojan.
“Once TrickBot is installed on a potentially vulnerable device and can reach other devices on the network, it can further spread and pivot,” researchers with IBM X-Force warned in a Monday analysis.
Leave a reply