TrickBot started off as a banking information stealer, but nothing about is simple—even right from the beginning.
When Malwarebytes researchers initially found TrickBot in 2016, it already boasted of attributes one does not normally see in “simple” credential stealers. Initially, it targeted financial services and users for banking data. It also drops other malware.
TrickBot has the reputation of being the successor of Dyreza, another credential stealer that first appeared in the wild in 2014. TrickBot shared similarities with Dyreza, such as certain variables with like values and the way TrickBot creators set up the command-and-control (C&C) servers TrickBot communicates with. This has led many researchers to believe that the person or group who created Dyreza also created TrickBot.
When Malwarebytes researchers initially found TrickBot in 2016, it already boasted of attributes one does not normally see in “simple” credential stealers. Initially, it targeted financial services and users for banking data. It also drops other malware.
TrickBot has the reputation of being the successor of Dyreza, another credential stealer that first appeared in the wild in 2014. TrickBot shared similarities with Dyreza, such as certain variables with like values and the way TrickBot creators set up the command-and-control (C&C) servers TrickBot communicates with. This has led many researchers to believe that the person or group who created Dyreza also created TrickBot.