Security Market Segment LS
Thursday, 18 July 2019 14:49

TrickBooster malware compromising millions of email accounts


Security vendor Deep Instinct has detected malware that targets Microsoft Outlook and has compromised more than 250 million email accounts.

According to Deep Instinct security researchers, TrickBooster — a variant of the TrickBot malware that's been around since 2016 — has already compromised accounts associated with prominent government organisations, national security agencies, leading universities, more than 150 F500 companies as well as private users.

That 250 million includes 26 million Gmail accounts, 26 million Yahoo! accounts, 11 million Hotmail accounts, 3.5 million MSN accounts, and 2 million Yahoo! UK accounts.

TrickBooster's significance was realised when Deep Instinct researchers uncovered a database containing 250 million e-mail accounts harvested by TrickBot and TrickBooster operators, which were also used as lists of targets for malicious delivery and infection.

Once TrickBooster has gained a foothold, it steals addresses, accounts and log-in credentials, sends malicious weaponised messages, and deletes those messages from the victim's outbox and trash folders.

"The size, scale and sophistication of this cyberattack is one of the most advanced ever seen," said Deep Instinct chief executive and co-founder Guy Caspi.

"This malware actively avoids detection as it spreads and harvests enormous amounts of data. And while our investigations have uncovered that the attack has collected and targeted more than 250 million email accounts, it's clear from our analysis in the last 72 hours that this is just the tip of the iceberg.

"We are currently notifying key government and law-enforcement authorities globally to help minimise further damage."

According to Deep Instinct, one reason why TrickBooster was able to spread so widely before being detected is that its infecting executable does a particularly thorough job of cleaning up after itself.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments