A phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot information-stealing malware.

Started as a banking Trojan, the TrickBot has evolved to perform a variety of malicious behavior.

This behavior includes spreading laterally through a network, stealing saved credentials in browsers, stealing Active Directory Services databasesstealing cookies and OpenSSH keysstealing RDP, VNC, and PuTTY Credentials, and more.

TrickBot also partners with ransomware operators, such as Ryuk, to give access to a compromised network to deploy ransomware.

Capitalizing on the Black Lives Matter movement

Threat actors commonly utilize