Share this page!

NatSecAnswer Desk Profile picture
Twitter logo
13 Oct, 9 tweets, 3 min read
QUESTION: Recently, the US government & @Microsoft disabled -probably temporarily -"Trickbot" one of the world’s largest hacking operations, for fear it would interfere with the U.S. election.

What is Trickbot? Our friends at @NCSC explained. Follow this thread for the answer.
ANSWER: "Trickbot is an established banking trojan used in cyber attacks against businesses and individuals in the UK and overseas. Trickbot attacks are designed to access online accounts, including bank accounts, in order to obtain personally identifiable information
In some cases, Trickbot is used to infiltrate a network. Once inside it can be used to deploy other malware, including ransomware and post-exploitation toolkits. Trickbot targets victims with well-crafted phishing emails, designed to appear as though sent from trusted commercial
or government brands. These emails will often contain an attachment (or link to an attachment) which victims are instructed to open, leading to their machine being exploited.
What can Trickbot do?
Trickbot can download new capabilities onto a victim’s device (as well as updating those it has already deployed) without interaction from the victim; steal sensitive info, including banking login details and memorable info, gather detailed info about
infected devices and networks
steal saved online account passwords, cookies and web history; steal login credentials for infected devices, including domain credentials; connect infected devices to malicious, criminally-controlled networks over the internet,
giving criminals full control of them
spread across a victim’s network by infecting other devices, including those on trusted domains, often using SMB shares download further malicious files such as Remote Access Tools, VNC clients and ransomware"
For details on what to do about it, you can visit the U.K. National Cyber Security Centre ncsc.gov.uk/news/trickbot-…
If you have questions about national security, follow @NatSecAnswers, send us your question and we'll get the answer. @threadreaderapp unroll #A12

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with NatSecAnswer Desk

NatSecAnswer Desk Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @NatSecAnswers

NatSecAnswer Desk Profile picture
30 Sep
QUESTION: Who are the "Proud Boys"? We asked Scott Stewart @stick631. Follow this thread for the answer.
ANSWER: First, they are a group with an organized national and regional structure. Second, they are not classified as white supremacists as many press reports claim. While some Proud Boy members have links to white supremacists,
the Proud Boys group has members of different ethnicities and its current leader, Enrique Tarrio, is a Cuban. The group is self-avowedly “western chauvinist” meaning that they believe western civilization is superior to others.
Read 8 tweets
NatSecAnswer Desk Profile picture
28 Sep
ALERT: @FBI & @CISAgov have sent out an alert warning the public about FALSE CLAIMS OF HACKED VOTER INFORMATION: "Foreign actors and cyber criminals are spreading false and inconsistent information through various online platforms in an attempt to...
to manipulate public opinion, discredit the electoral process, and undermine confidence in U.S. democratic institutions. These malicious actors could use these forums to also spread disinformation suggesting successful cyber operations have compromised election infrastructure and
facilitated the “hacking” and “leaking” of U.S. voter registration data. In reality, much U.S. voter information can be purchased or acquired through publicly available sources. While cyber actors have in recent years obtained voter registration information,
Read 8 tweets
NatSecAnswer Desk Profile picture
24 Sep
QUESTION: Recently, we learned, the CIA Worldwide Intelligence Review had been leaked. What exactly is that? We asked former CIA clandestine service member @douglaslondon5. Follow this thread for the answer. Image
ANSWER: "The product to which you're referring is from the world intelligence review which is a strong product from the agency’s analytical directorate that is updated daily with new articles.
It covers all issues of the world as well, geographic and functional alike. It's intended for senior policy makers below the level of the president or cabinet secretary who would receive the president's daily brief. It tends to target substantive people.
Read 13 tweets
NatSecAnswer Desk Profile picture
16 Sep
QUESTION: A new scandal has arisen after allegations of hysterectomies practiced on immigrant women in a detention center in Georgia. What are the implications of these accusations? We asked our venerable colleague @GCorreaCabrera. Follow this thread for the answer. Image
ANSWER: "Advocacy groups have filed a complaint against this migrant detention center appealing to these accusations, as well as supposed medical neglect during the COVID-19 pandemic and lack of virus safety measures.
The information about alleged hysterectomies without proper "informed consent" was provided by a whistleblower, a nurse who used to work there.
Read 9 tweets
NatSecAnswer Desk Profile picture
9 Sep
QUESTION: How does #COVID19 impact the families of national security professionals? We asked Jo-Anne Sears @JoAnnePSears , Former Sr. Advisor to the Secretary of the Air Force and Partner, with Velocity Government Relations. Follow this thread for the answer. Image
ANSWER: "There is a growing challenge adversely affecting Defense Department and Intelligence Community personnel. It is not Russia or China – this time. It is the fact public schools are shuttered for in-person learning due to the #Covid19 pandemic.
This challenge has turned into a crisis for working parents in the region involved in classified programs critical to national security. They have to choose between being at home or protecting the homeland.
Read 8 tweets
NatSecAnswer Desk Profile picture
8 Sep
QUESTION: Considering the racial unrest sweeping the nation, are domestic terrorist organizations likely planning attacks in the U.S.? We asked @stick631 Scott Stewart. Follow this thread for the answer. Image
ANSWER: "Absolutely, 100%. Some white supremacists somewhere are definitely planning an attack as we speak. The problem under leaderless resistance is identifying and stopping them.
White supremacy is one of several right-wing extremist ideologies that pose a domestic terrorism threat in the U.S. White supremacism is the belief that whites are superior to other races and therefore should either dominate or be separate from other races.
Read 10 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get email notifications when new thread is out from this Author!

Check out other threads from this Author!

Read all threads by @NatSecAnswers