Blog
TrickBot Uses "Service Update" Windows Task in a Grab for Persistence
By David Bisson on Wed, 06/14/2017
TrickBot malware is using a Windows Task named "service update" in an attempt to evade detection and maintain persistence on infected endpoints. The refinement is part of a new wave of phishing emails that distribute the botnet trojan, a threat which shares many characteristics with Dyre. These emails all come with PDF documents containing an...