December 4, 2020 by
Lighthouse IT Solutions, Matthew Almendinger

Lighthouse IT Solutions has always wanted you to be well informed and well protected. As much as we hate to be the bearers of bad news, we need to warn you about a new cyber threat: TrickBoot. (The number of cybersecurity threats has only grown this year. Check out the Lighthouse IT Podcast to stay up-to-date.)

What is TrickBoot?

TrickBoot is the latest instrument in the TrickBot malware repertoire and potentially one of the most dangerous, as it is capable of discovering vulnerabilities in firmware and enabling attackers to then read, write or even erase the firmware on the device. Typically, when a device is infected with malware, one of the safest methods you can use to remove it is wiping the device and then restoring the important data from a backup. However, this method leaves the firmware of the device untouched. If malware is hiding there, wiping the device does not remove it.

What to do?

A hacker who has infected your firmware can not only hold your data ransom but can also threaten to 'brick' your entire device, making it completely useless. Some early warning signs of TrickBoot could include unexpected tasks named something like 'AdvancedLocTechnic' or 'SystemTechGatService'. It's always important to be careful and on the lookout for bad actors hoping to break into your networks, and that importance only increases as time goes on. Be cautious when interacting with any emails, websites, or programs you do not recognize.
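One way to check a Windows machine for the task names mentioned above, as an added example (not code from Lighthouse IT or Huntress). It assumes the built-in ScheduledTasks module and an elevated PowerShell session; the function names and the loose matching rule are illustrative choices, and a match is only a lead for further investigation.

```powershell
# Added example: triage scheduled tasks for names resembling those in the post.
# Requires the built-in ScheduledTasks module (Windows 8 / Server 2012 or later).

# Names quoted in the post. Matching is loose because the post says "something like".
$SuspectNames = @('AdvancedLocTechnic', 'SystemTechGatService')

function Get-NormalizedName {
    param([string] $Name)
    # Drop spaces, dashes and other punctuation so "Advanced Loc-Technic" still matches.
    return ($Name -replace '[^A-Za-z0-9]', '')
}

function Find-SuspectTask {
    param(
        [Parameter(Mandatory)] [object[]] $Task,
        [string[]] $Name = $SuspectNames
    )
    foreach ($t in $Task) {
        $normalized = Get-NormalizedName $t.TaskName
        foreach ($n in $Name) {
            if ($normalized -like "*$n*") {      # -like is case-insensitive
                [pscustomobject]@{
                    TaskName   = $t.TaskName
                    TaskPath   = $t.TaskPath
                    State      = $t.State
                    Author     = $t.Author
                    Registered = $t.Date
                    MatchedOn  = $n
                    # What the task runs; COM-handler actions have no Execute value.
                    Actions    = ($t.Actions | ForEach-Object {
                                     "$($_.Execute) $($_.Arguments)".Trim()
                                 }) -join '; '
                }
                break   # one report per task, even if several names match
            }
        }
    }
}

$hits = @(Find-SuspectTask -Task (Get-ScheduledTask))
if ($hits.Count -eq 0) {
    Write-Output 'No scheduled tasks matched the names from the post.'
} else {
    $hits | Format-List
}
```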

For our Harmony clients, rest assured that you have Huntress Labs to take the initiative in tracking and remediating TrickBot/TrickBoot infections. But always keep your eyes peeled.

Stay safe out there, virtually and IRL.

Check out our partner's coverage over at Huntress about this emerging threat and an in-depth look at everything TrickBoot: Huntress blog - Rapid Response: TrickBoot

