The modular banking trojan known as Trickbot has evolved to become one of the most advanced trojans in the threat landscape. Trickbot was originally designed to steal and exfiltrate sensitive information from a compromised host through stealing cookies from browsers or performing webinjects on banking or cryptocurrency trading sites. The group behind Trickbot have expanded their activities beyond credential theft into leasing malware to APT groups. The list of available modules for Trickbot is growing larger with time which shows that the authors are actively looking for new ways to use it for financial gain. Trickbot is typically delivered via a spam email containing a malicious document or malicious URL.”]
Source: https://blog.talosintelligence.com/2020/03/trickbot-primer.html

