Attackers have created a fake Office 365 site that is distributing the TrickBot password-stealing Trojan disguised as Chrome and Firefox browser updates. If you click on the Update button, an executable named upd365_58v01 will be downloaded that will install the Trojan. Trojan will then immediately begin to communicate with the C2 server where it will execute a variety of modules. The Trojan will look for and steal saved login credentials, browsing history, form autofill information, and more.
Source: https://www.bleepingcomputer.com/news/security/fake-office-365-site-pushes-trickbot-trojan-as-browser-update/

