Latest in Gear

Image credit: seksan Mongkhonkhamsao via Getty Images

TrickBot malware may have hacked 250 million email accounts

Including millions belonging to governments in the US, UK and Canada.
563 Shares
Share
Tweet
Share

Sponsored Links

seksan Mongkhonkhamsao via Getty Images

TrickBot malware may have stolen as many as 250 million email accounts, including some belonging to governments in the US, UK and Canada. The malware isn't new. In fact, it's been circulating since 2016. But according to cybersecurity firm Deep Instinct, it has started harvesting email credentials and contacts. The researchers are calling this new approach TrickBooster, and they say it first hijacks accounts to send malicious spam emails and then deletes the sent messages from both the outbox and trash folders.

In a recent investigation, Deep Instinct found a database containing 250 million compromised email accounts. The firm says millions of those belong to governments in the US and UK, as well as agencies in Canada. The database contained more than 25 million Gmail addresses, 19 million Yahoo.com addresses and 11 million Hotmail.com addresses. AOL, MSN and Yahoo.co.uk were also hit. As DeepInstinct points out, TrickBot could use those emails to distribute more of its own malware.

According to TechCrunch, the researchers first detected TrickBooster on June 25th. Deep Instinct is still investigating, and it's in the process of sharing information with authorities. The update is unsettling, as it's so widespread, and as Deep Instinct puts it, TrickBooster is a "powerful addition to TrickBot's vast arsenal of tools."

Engadget’s parent company, Verizon, now owns Yahoo. Engadget remains editorially independent.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
563 Shares
Share
Tweet
Share

Popular on Engadget

Google and Amazon approved home speaker apps that spied on users

Google and Amazon approved home speaker apps that spied on users

View
The Morning After: The battery-saving power of dark mode on iPhones

The Morning After: The battery-saving power of dark mode on iPhones

View
Rocket Lab plans to send payloads to the Moon

Rocket Lab plans to send payloads to the Moon

View
Google will fix Pixel 4 face unlock issue with 'eyes open' update

Google will fix Pixel 4 face unlock issue with 'eyes open' update

View
Test shows dark mode really can save battery life on OLED iPhones

Test shows dark mode really can save battery life on OLED iPhones

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr