On Friday, a school in Ohio discovered he was hacked. In particular, a malicious one software polluted the systems and so the school administration decided not to take classes on Monday. Surprisingly, the attack came from a banking trojan. According to surveys, malware, which affected school systems, is called Trickbot.
The attack was carried out last week but was discovered on Friday. The specialists tried to re-establish the systems during the weekend, but they did not succeed in canceling the Monday lessons.
The school community manager reported to local media that they did not suspect the students about the contamination of their systems and that one of the first computers affected was the computer of the employee who handles the school's finances.
TRICKBOT: One of the most common and dangerous attacks of the time
The FBI is involved in the research and helps the school to restore its systems. In March, the Department of Homeland Security had warned of increasing attacks with TrickBot.
Initially, TrickBot was designed as a bank Trojan, which was used to steal credentials in bank portals. Later, however, it evolved into a malware that can serve many purposes. For example, TrickBot administrators can infect computers with their malware and then give access (to infected systems), for a fee, to other hackers who want to attack other malicious software.
The Emotet banking trojan is an example of the above case. Many times they have happened ransomware attacks immediately after contamination with systems with Emotet, TrickBot or both.
Trojans infection with computers is not a simple matter, as it can cause a lot of damage to systems. Victims should act immediately to deal with the situation before other attacks from other malicious software. Typically, Trickbot administrators send spam emails to infect victims' computers.
Still, there has not been much information about what exactly happened with the school community systems. However, judging by the fact that the courses were canceled, it is certainly something serious.
Initially, it looked as though only one computer was infected but eventually infected eleven. In a while, the entire network stopped working.
According to information, besides computers, the phones and HVAC systems of the school were also affected.
On Tuesday, the lessons continued normally after the damage was restored and the 1.000 computers restored.