Cybersecurity researchers have opened the lid on the continued resurgence of the Trickbot malware. The Russia-based transnational cybercrime group is working behind the scenes to revamp its attack infrastructure in response to recent counter efforts from law enforcement. The new capabilities discovered are used to monitor and gather intelligence on victims, using a custom communication protocol to hide data transmissions between command-and-control servers and victims. A separate report published by Cofense this week discovered fresh evidence of the botnet targeting companies in the retail, building materials, manufacturing, insurance, and construction industries.
Source: https://thehackernews.com/2021/07/trickbot-malware-returns-with-new-vnc.html