February 22, 2022

Trickbot Fading and Conti Rises

Industry: N/A | Level: Strategic | Source: AdvIntel

Notorious malware, Trickbot appears to be losing relevance, seeming to be no longer as stealthy as it once was with Conti absorbing its key developers. Reported from intelligence by AdvIntel, Trickbot is still fully operational however, Conti affiliates are investing in newer toolsets such as BazarBackdoor, “the availability of TrickBot IOCs has made it highly detectable, and Conti is no longer using it.” Through its emergence Conti has grown rapidly as a serious cyber threat from recruiting skilled members and operating with a clear objective to “monopolize the market,” its operations are described accurately as a “crime syndicate.” Conti’s growth has greatly been attributed to the “Emotet-TrickBot-Ryuk supply chain” and as stated prior, the threat of Trickbot remains with concerns of how Conti plans to expand their threat capabilities.