The threats crypted by TrickGate are delivered in different formats depending on the threat actor deploying it. All the usual initial compromise vectors can be used, such as phishing emails or abuse of vulnerabilities to compromise a server or computer, and the crypted files might be in archive files (ZIP, 7 ZIP or RAR) or in the PDF or XLSX format.

How did TrickGate stay undetected for so long?

Security researchers considered parts of the TrickGate code to be shared code that would be widely used by many cybercriminals, as is often the case in the malware development environment where developers often copy existing code from others and modify it. When Check Point suddenly stopped seeing that code being used, they discovered that it had stopped deploying for several different attack campaigns at the exact same time. As it’s unlikely that different threat actors took vacation at the same time, the researchers dug further and found TrickGate.

TrickGate’s functionalities

Although the code analyzed by the researchers has changed over the last six years, the main functionalities exist on all samples.