Deep Instinct Exposes One of the Largest Data Breaches in the Last Decade

 More than 250M Government, corporate and private users impacted by TrickBooster, a new module of TrickBot

NEW YORK–(BUSINESS WIRE)–Deep Instinct has uncovered the most nefarious version of the TrickBot malware yet. Known for stealing sensitive financial details, the latest version of TrickBot, dubbed TrickBooster by Deep Instinct researchers, has already compromised more than 250 million email accounts of prominent government organizations, national security agencies, leading universities and more than 150 F500 companies in the U.S., U.K., and Canada.

Private Email users subscribed to popular webmail providers are also among the victims, including:

  • 26 million Gmail accounts
  • 26 million Yahoo accounts
  • 11 million Hotmail accounts
  • 3.5 million MSN accounts
  • 2 million Yahoo U.K. accounts

Guy Caspi, Deep Instinct CEO and co-founder, said: “The size, scale and sophistication of this cyberattack is one of the most advanced ever seen. This malware actively avoids detection as it spreads and harvests enormous amounts of data. And while our investigations have uncovered that the attack has collected and targeted more than 250 million email accounts, it’s clear from our analysis in the last 72 hours that this is just the tip of the iceberg. We are currently notifying key government and law-enforcement authorities globally to help minimize further damage. I fully credit our Deep Instinct Threat research team and deep learning approach to cybersecurity for discovering and preventing this cyberattack, which most security solutions on the market today simply aren’t capable of doing.”

Once TrickBooster has infiltrated a victim’s machine, its email and spamming capabilities enable it to steal addresses, accounts and log-in credentials, send out malicious weaponized messages, and delete any trace that those messages were ever sent from the victim’s outbox and trash folders. It acts quickly and has largely gone undetected until Deep Instinct researchers uncovered a database containing 250 million e-mail accounts harvested by TrickBot and TrickBooster operators, which were also used as lists of targets for malicious delivery and infection. The research into TrickBooster was instigated following the prevention of one of its variants in a customer’s environment.

As the first company to apply end-to-end deep learning to cybersecurity, Deep Instinct provides complete, multi-layer protection across endpoints, servers and mobile devices for Windows, macOS, iOS, Android or Chrome OS. Its unified solution provides protection against attacks, taking a prediction and prevention first approach, followed by detection and response against known and unknown cyber threats, which can be configured and adapted to meet almost any organization’s needs.

To learn more:

For technical questions about this attack please contact

To learn more about Deep Instinct’s cybersecurity solution, read about the deep learning neural network that is its core technology and then request a demo to see it in action.

About Deep Instinct

Deep Instinct is the first and only company to apply end-to-end deep learning to cybersecurity. Deep learning is inspired by the brain’s ability to learn. Once a brain learns to identify an object, its identification becomes second nature. Similarly, as Deep Instinct’s artificial deep neural network brain learns to prevent any type of cyber threat, its prediction capabilities become instinctive. As a result, any kind of malware, known and new, first-seen malware, zero-days, ransomware and APT attacks from any kind are predicted and prevented in zero-time with unmatched accuracy and speed anywhere in the enterprise – Network, EPP, Mobile – enabling a multi layered protection. To learn more, visit:



Jaime Tero


error: Content is protected !!