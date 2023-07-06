Open Menu

US, Canada-Based Networks Infected By Truebot Malware - CISA

Sumaira FH Published July 06, 2023 | 11:23 PM

Truebot Malware variants, used to collect and exfiltrate information from targeted networks, have been identified as acting against organizations in the United States and Canada, the Cybersecurity and Infrastructure Security Agency (CISA) said in a report on Thursday

The activity of the TrueBot downloader Trojan botnet, which is associated with the silence threat operation linked with Evil Corp, was previously delivered by malicious phishing email attachments, the report said.

However, new versions of the malware permit cyber actors to gain initial access to machines through software used during cloud-based IT system auditing, the report said.

Once access is gained, the malware allows cyber actors to move laterally within a compromised network, the report said.

Truebot has the ability to collect sensitive host data and send that data to an encoded string in a matter of hours, the report said.

The report also includes a list of Truebot-rooted attack vectors and malware families to be on the lookout for, the report added.

The CISA urges any affected or suspecting organization to contact the CISA or the FBI, according to the report.

