Trickbot Malware Re-emerging via MS Word Documents

[Aug 18, 2018]

Trickbot malware is one of the widely known Banking Trojan emerging again (originated in the middle of 2016) with sophisticated techniques to at target the various financial institutions and large bank to steal the banking credentials.

An initial distribution of  Trickbot malware launching via Microsoft word document which contains embedded Macro code.

The current version of Trickbot malware is spreading with a powerful code injection technique to evade the detection, anti-analysis technique and disable the security tools that run in the target victims computer.

Trickbot have ability to stealing the data from Microsoft Outlook, locking the victim’s computer, information gathering, network information gathering and domain credentials stealing.

It Also distributed with the technique such as sleep for long and short time to avoid detection for the most of the security software. 

Cyber Security Tips:

  • Be careful with suspicious emails. Do not open any links or attached files if the letter seems suspicious. Hackers use various social engineering techniques that might trick into opening an obfuscated MS Word or PDF File.
  • Avoid browsing through insecure and high-risk websites. Also, if you end up on a suspicious site, close it immediately. Clicking on provided content, and especially ads, might lead to malware attack.
  • Keep software updated. Regularly update all the programs that are installed on your PC, as well as operating system.
  • Protect your computer with security software.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at

Up ↑

%d bloggers like this: