Trickbot malware has been updated with a bootkit module, nicknamed Trickboot. The bootkit can search for UEFI/BIOS firmware vulnerabilities, according to a report from security firms Eclypsium and Advanced Intelligence. Trickbot has been a primary tool used to dispense banking Trojans along with Ryuk and Conti ransomware. It is generally distributed “as-a-service” with Symantec attributing its use to the Wizard Spider group. In October, Microsoft and several federal agencies knocked Trickbot’s servers offline, but operators quickly bounced back.”]
Source: https://www.cuinfosecurity.com/trickbot-now-uses-bootkit-to-attack-firmware-a-15517