Trickbot malware sends “false positive” warning to victims

While we are all reading about the Coronavirus, and many of us are also following the cybersecurity scene with much interest, it is worth noting the term “false positive”. It applies not just to cybersecurity but to the world in general. Take the medical sector, which is the trending topic right now, and the example of Coronavirus: if test results show that you don’t have the virus infection but you show symptoms, it might be a false positive.

Similarly, we have tools that track malware infections on your PC, and it is possible for them to send false positive warnings too. This means a tool might show that you have a malware infection when you actually don’t have one; the reverse is also possible. Such an incident has been reported in which the Trickbot malware mistakenly sent warnings to victims telling them that they had been infected. Naturally, the victims were worried about how they got the malware and what steps they needed to take next.

However, it turns out that the notorious malware named Trickbot “mistakenly” left in a test module that sends out warnings telling victims to contact an admin because they have been infected. According to the reports we have seen, this malware is distributed through malicious spam emails and runs quietly on infected systems. Victims have been seeing a module named Grabber, which says that the tool “gathered some information from your browser.”

A security expert who analyzed the Grabber tool believes that “threat actors were testing a new version and forgot to remove it when it went live”. If you see this message, the best course of action suggested by experts is to disconnect your PC from the internet and then run tools to make your PC infection-free.