A phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot information-stealing malware.
Started as a banking Trojan, the TrickBot has evolved to perform a variety of malicious behavior.
This behavior includes spreading laterally through a network, stealing saved credentials in browsers, stealing Active Directory Services databases, stealing cookies and OpenSSH keys, stealing RDP, VNC, and PuTTY Credentials, and more.
TrickBot also partners with ransomware operators, such as Ryuk, to give access to a compromised network to deploy ransomware.
Capitalizing on the Black Lives Matter movement
Threat actors commonly utilize