On Monday Cybersecurity firm Bitdefender Published a Blog Post on Trickbot Malware that using the new VNC module to Spy on its Victims.
Trickbot Malware has discovered an updated VNC module that seems to be in active development, as its maintainers are updating it at a very fast pace.
This module is now delivered under a new name, observations also helped to map the attackers’ network architecture
Researchers have identified the software application that the attackers use to connect to victims’ computers. This tool is called VNCView.
In addition to upgraded modules, Bitdefender has noted a significant increase in command-and-control centers deployed around the world.
This new research focuses on an updated VNC module, which includes new functionalities for monitoring and intelligence gathering.
Now according to Bitdefender, the threat actor has been found actively developing an updated version of a module called “vncDll” that it employs against select high-profile targets for monitoring and intelligence gathering. The new version has been named “tvncDll.”