TrickBot malware targets users of U.S. mobile carriers Verizon, T-Mobile and Sprint via web injects to steal their PIN codes; enabling SIM swapping attacks. This latest attack marks a rapid departure from TrickBot s previous targets including banks. The malware has switched up its technique to go after remote desktop application credentials and target firms using a tax-themed phishing lure. Researchers say in order to mitigate this malware, organizations should use time-based one-time password-factor authentication (MFA multi-factor MFA), as opposed to SMS MFA.
Source: https://threatpost.com/trickbot-targets-verizon-t-mobile-sprint-users-to-siphon-pins/147792/