Microsoft's latest security report explained why the notorious TrickBot malware commonly targets MikroTik routers.
Ethernet cables are seen running from the back of a wireless router in Washington, DC on March 21, 2019. (Photo by MANDEL NGAN / AFP)
TrickBot is a trojan computer virus that currently breaches Microsoft windows and other operating systems.
The hacking group behind this malware uses it to conduct bank account thefts by stealing sensitive user credentials. Now, the TrickBot malware is expanding its scope, targeting WiFi routers as well.
Microsoft: Why TrickBot Targets MikroTik Routers?
According to Ars Technica's latest report, MikroTik routers are among the devices commonly targeted by TrickBot hackers.
A free Wi-Fi hotspot beams broadband internet from atop a public phone booth on July 11, 2012 in Manhattan, New York City. New York City launched a pilot program Wednesday to provide free public Wi-Fi at public phone booths around the five boroughs. The first ten booths were lit up with Wi-Fi routers attached to the top of existing phone booths, with six booths in Manhattan.
When the malware started focusing on MikroTik, security experts couldn't identify the reason for the sudden shift. But, thanks to Microsoft's efforts, you can now know why these routers are now the common victims of TrickBot.
"The purpose of Trickbot for using MikroTik devices is to create a line of communication between the Trickbot-affected device and the C2 server," said the software giant via its official security blog post.
The company added that this allows TrickBot hackers to breach the network without the standard defense systems detecting them.
Microsoft further explained that MikroTik also has a unique Linux-based RouterOS, making it an ideal proxy for TrickBot hackers.
Microsoft Launches New Anti-Malware Tool
Microsoft decided to launch a new forensic tool to protect MikroTik router owners against the notorious trojan computer virus.
This new anti-malware system can detect TrickBot-related breaches on your WiFi device. To give you more idea, here are the things that Microsoft's new forensic tool can do:
- Looks for suspicious traffic redirection rules (NAT and other rules)
- Looks for default port changes
- Gets the version of the device and maps it to any Looks for DNS cache poisoning
- unpatched vulnerabilities
- Looks for non-default users
- Checks for scheduled tasks
Aside from the new tool, Microsoft also suggested that MikroTik users should make it a habit to turn off their routers.
They need to make sure that experienced users only use the internet gadget. The search engine giant added that ensuring unique passwords for remote and local admin access is also important to prevent TrickBot.
In other news, two Apple features are now being used by scammers to breach Apple App Store's vetting system. Meanwhile, Nvidia hackers are now using the breached data as a malware disguise.
For more news updates about malware and other security threats, always keep your tabs open here at TechTimes.
Related Article: BazarBackdoor Malware is Hitting Website Contact Forms to Evade AV Detection
This article is owned by TechTimes
Written by: Griffin Davis
