Cybercriminals Work Together for More Money and Power

Hackers come in all shapes and sizes, from lone wolves to organized hacking groups. In this particular case, two sophisticated groups have come together to share resources and power, something cybersecurity experts find very alarming. The two groups have merged two powerful bots, TrickBot and BokBot. Both groups, with significant financial hacking backgrounds, have joined forces in a collaboration that runs much like a regular business, with employees who go to work every day and get a paycheck, only this time it’s for evil and not for good. The size and scope of the attacks these two groups are now capable of are a source of great concern in the cybersecurity community.

Both TrickBot and BokBot have financial and retail backgrounds, with some of the fiercest banking malware hacks to date. These groups, who once tried to outdo each other and even prevent each other’s hacks from being successful, are now joined together in a very serious business. TrickBot’s banking Trojans arrive via email spam and, once inside, worm their way deep into a system, successfully bypassing virus detection software. BokBot then takes over, injecting malicious code and redirecting web traffic. The end result is a system takeover that steals financial data, including credit card and banking information from retailers and their customers, as well as direct hits on financial institutions. It’s a one-two punch virtually guaranteed to end in massive hacking theft, and a very profitable business merger at that.

Experts are seeing trends that show malware attacks of all types, and the hacking groups behind them, are improving over time. Banking Trojans like TrickBot and BokBot may seem to fade into the background, only to return more powerful and effective. That’s why it’s so important that users are aware of the tricks these groups use. Most often it’s phishing, but it can also take the form of malvertising or taking advantage of unpatched systems.

Email spam and phishing. Savvy users who question unexpected emails, especially those who don’t open the attachments or follow the links they contain, are much more likely to escape malware attacks. Hackers use every phishing trick in the book, from subject-line scare tactics to promises of contest winnings or gift cards, to draw users into their web.

Malware in ads. Malvertising is becoming more popular. We are inundated with advertisements these days, so be aware of what you click when you see an ad. Hiding malware in ads is becoming quite lucrative for hackers.

Patching products. This goes for everyone. If you have a computer, a smartphone, a tablet, a smart crockpot, a smart home, or even a smart toilet, apply patches and updates as soon as you are notified of them.

Employee cyber education can literally save a business from financial ruin. Educating staff is critical to avoiding tricky emails that are designed to steal data through system takeovers that end in massive theft and ransomware attacks. Threats evolve over time, as this pairing shows. It’s important to stay on top of them as much as possible.

In a world where hacking groups like this are joining forces and running like corporations, cybersecurity awareness and online safety protocols are more important than ever.