New TCLBanker malware self-spreads over WhatsApp and Outlook
Summary
A new malware strain named TCLBanker has been discovered that actively targets 59 financial and cryptocurrency platforms. It uses a trojanized installer for Logitech AI Prompt Builder to spread via WhatsApp and Outlook, a sophisticated social engineering approach.
IFF Assessment
FOE
TCLBanker's ability to self-spread and target financial institutions poses a direct threat to defenders.
Defender Context
Defenders should be aware of TCLBanker's propagation methods, particularly its use of trojanized installers and social engineering through common communication platforms like WhatsApp and Outlook. This highlights the ongoing threat of sophisticated malware that leverages legitimate software and user trust to gain access.