TrickBot, a malware that infects victims’ computers in order to steal email passwords and address books to spread malicious emails, has been evolving rapidly since it was first spotted back in 2016. Since its inception, the highly adaptable malware has allowed creators to add new components as they see fit, even adapting for tax season in an attempt to steal tax documents for making fraudulent returns. 

More recently the malware has been used for its cookie-stealing capabilities, which allow attackers to log into their victims accounts without needing their passwords. These new capabilities, deemed “TrickBooster” by researchers, allow the malware’s user to send malicious emails from a victim’s account. The malware then deletes the sent messages from both the outbox and sent items folders to avoid being detected.

The malware has already hoarded loads of data. Deep Instinct, a cybersecurity firm, has found evidence that the malware has already collected over 250 million email addresses. These emails aren’t just limited to average individual consumers either, several U.S. government departments and foreign governments have also had credentials compromised by the malware.

TrickBot’s TrickBooster is yet another reason business owners should be wary about the level of data security they employ within their respective companies. This particular malware’s ability to go undetected while simultaneously harvesting scores of sensitive data should be enough for everyone to take a step back and ensure themselves that they’re thoroughly prepared for these types of situations. 

Story via TechCrunch