{
	"id": "ef3991c8-a453-4ace-b26e-da22d2863079",
	"created_at": "2026-04-06T00:11:29.765998Z",
	"updated_at": "2026-04-10T13:12:37.724166Z",
	"deleted_at": null,
	"sha1_hash": "46a9485714e366a5e1438c37d7816cb6b272ebfb",
	"title": "Fake Black Lives Matter voting campaign spreads Trickbot malware",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1746621,
	"plain_text": "Fake Black Lives Matter voting campaign spreads Trickbot malware\r\nBy Lawrence Abrams\r\nPublished: 2020-06-10 · Archived: 2026-04-05 23:48:51 UTC\r\nA phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot\r\ninformation-stealing malware.\r\nStarted as a banking Trojan, the TrickBot has evolved to perform a variety of malicious behavior.\r\nThis behavior includes spreading laterally through a network, stealing saved credentials in browsers, stealing Active\r\nDirectory Services databases, stealing cookies and OpenSSH keys, stealing RDP, VNC, and PuTTY Credentials, and more.\r\nhttps://www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nTrickBot also partners with ransomware operators, such as Ryuk, to give access to a compromised network to deploy\r\nransomware.\r\nCapitalizing on the Black Lives Matter movement\r\nThreat actors commonly utilize current events as lures to trick people into opening their malicious emails.\r\nSuch is the case with a new campaign discovered by cybersecurity organization Abuse.ch that pretends to be from \"Country\r\nadministration,\" asking recipients to 'Vote anonymous about \"Black Lives Matter\".'\r\nThe email, shown below, states, \"Leave a review confidentially about \"Black Lives Matter\" and then prompts recipients to\r\nfill out and return an attached document named 'e-vote_form_3438.doc.'\r\nPhishing email\r\nWhen a recipient opens the Word document, they will be greeted with a message stating that they need to click on the\r\n'Enable Editing' and 'Enable Content' buttons to view the contents properly.\r\nhttps://www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/\r\nPage 3 of 4\n\nMalicious word doc\r\nOnce they click on these buttons, the Word document will run macros that download a malicious DLL to the computer and\r\nexecute it.\r\nThis DLL is the TrickBot trojan that, when executed, will download further modules to the infected computer to steal files,\r\npasswords, security keys, spread laterally throughout the network, and allow other threat actors to install ransomware.\r\nDue to this, a TrickBot trojan can be a devastating infection regardless of whether you are a corporate victim or a home user.\r\nIt is important to remember that malware developers and distributors commonly become more active during\r\nsignificant moments in history and political unrest.\r\nThis dramatic increase in phishing and cyberattacks related to COVID-19, and it is not surprising that we also see it now.\r\nBe extremely careful with any emails you received, especially those that are politically or socially motivated, as they could\r\nbe malware in disguise.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/\r\nhttps://www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/"
	],
	"report_names": [
		"fake-black-lives-matter-voting-campaign-spreads-trickbot-malware"
	],
	"threat_actors": [],
	"ts_created_at": 1775434289,
	"ts_updated_at": 1775826757,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/46a9485714e366a5e1438c37d7816cb6b272ebfb.pdf",
		"text": "https://archive.orkl.eu/46a9485714e366a5e1438c37d7816cb6b272ebfb.txt",
		"img": "https://archive.orkl.eu/46a9485714e366a5e1438c37d7816cb6b272ebfb.jpg"
	}
}