Trickbot Malware Has A New Trick Up Its Sleeves

Jul 17, 2020

Malware Lab’s researcher Maciej Kotowicz has made an intriguing discovery that makes the Trickbot banking trojan even more of a threat. The most recent strain of the malware he looked at is sporting a new feature that allows the code to check the resolution of the screen on the machine it’s running on.

If it finds the resolution to be either 800 x 600 or 1024 x 768, both of which are commonly used on the virtual machines where such code is examined, the process will terminate.

This is both good news and bad. On the one hand, since most virtual machines run those resolutions, it makes detecting Trickbot a much more difficult proposition. Given that, it’s a safe bet that other forms of malware will soon be utilizing the technique to help them evade detection.

On the other hand, it does mean that if your monitor is configured to use either of those resolutions, you’re essentially immune to the malware, because it will assume you are a virtual machine and leave you alone. Unfortunately, those are relatively poor resolution choices, and almost every modern PC is capable of running much higher (and more useful) resolutions, which makes this very much a two-edged sword.

This is definitely something you want to make sure your IT staff is aware of so they can adjust their detection strategies when searching for or investigating malware strains.
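One way an analyst could adjust for this, shown as an added example that is not from the original post or from the researcher's work: scan a sandbox API trace for a process that reads one of the two resolutions and then exits at once, so the sample can be re-run on a guest with a different display size. The trace format, the 5-second window and the use of `GetSystemMetrics` as the call that reads the screen size are assumptions; the post does not say which API this strain calls.

```python
# Added example: flag "read screen size, then quit" in a sandbox API trace.
VM_RESOLUTIONS = {(800, 600), (1024, 768)}   # the two sizes named in the article
SM_CXSCREEN, SM_CYSCREEN = 0, 1              # GetSystemMetrics indices: width, height
EXIT_APIS = {"ExitProcess", "TerminateProcess"}
EXIT_WINDOW = 5.0                            # assumption: seconds that count as "quit at once"

def find_resolution_bailouts(events, exit_window=EXIT_WINDOW):
    """Return one finding per process whose last screen-size query returned a
    watched resolution and whose very next recorded call was a process exit."""
    by_pid = {}
    for ev in sorted(events, key=lambda e: e["t"]):
        by_pid.setdefault(ev["pid"], []).append(ev)
    findings = []
    for pid, evs in by_pid.items():
        dims, last_idx = {}, None
        for i, ev in enumerate(evs):
            if ev["api"] == "GetSystemMetrics" and ev["arg"] in (SM_CXSCREEN, SM_CYSCREEN):
                dims[ev["arg"]] = ev["ret"]
                last_idx = i
        if len(dims) < 2:
            continue                         # never read both width and height
        resolution = (dims[SM_CXSCREEN], dims[SM_CYSCREEN])
        tail = evs[last_idx + 1:]            # everything recorded after the check
        if resolution not in VM_RESOLUTIONS or not tail:
            continue
        delay = tail[0]["t"] - evs[last_idx]["t"]
        if tail[0]["api"] in EXIT_APIS and delay <= exit_window:
            findings.append({"pid": pid, "resolution": resolution, "exit_after": delay})
    return findings

# Constructed trace in a hypothetical sandbox export format (not real sample output).
SAMPLE_TRACE = [
    {"t": 1.0, "pid": 101, "api": "GetSystemMetrics", "arg": 0, "ret": 1024},
    {"t": 1.0, "pid": 101, "api": "GetSystemMetrics", "arg": 1, "ret": 768},
    {"t": 1.25, "pid": 101, "api": "ExitProcess", "arg": None, "ret": None},
    {"t": 2.0, "pid": 202, "api": "GetSystemMetrics", "arg": 0, "ret": 1920},
    {"t": 2.0, "pid": 202, "api": "GetSystemMetrics", "arg": 1, "ret": 1080},
    {"t": 2.5, "pid": 202, "api": "ExitProcess", "arg": None, "ret": None},
    {"t": 3.0, "pid": 303, "api": "GetSystemMetrics", "arg": 0, "ret": 800},
    {"t": 3.0, "pid": 303, "api": "GetSystemMetrics", "arg": 1, "ret": 600},
    {"t": 3.5, "pid": 303, "api": "CreateFileW", "arg": None, "ret": None},
    {"t": 40.0, "pid": 303, "api": "ExitProcess", "arg": None, "ret": None},
]

if __name__ == "__main__":
    for f in find_resolution_bailouts(SAMPLE_TRACE):
        print(f"pid {f['pid']} saw {f['resolution']} and exited after "
              f"{f['exit_after']:.2f}s; re-run on a guest with a different resolution")
```

A hit is a prompt to re-run the sample, not a verdict: benign programs also read the screen size, and a real trace will have unrelated calls between the check and the exit that this narrow version treats as continued activity.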

While it’s unlikely that any company would opt to set screen resolutions enterprise-wide at one of those two values, in certain specific instances it may be a viable mitigation strategy. Even if it is not, this most recent discovery provides a valuable glimpse into the mindset and lines of thinking employed by hackers around the world. Stay vigilant. It’s dangerous out there.
