Recommended

Crypto Deposit Make instant crypto transfers to your futures account
USDT-M Perpetual Futures Trade futures contracts settled in USDT
VIP Fee Discounts Enjoy different fee discounts based on your VIP level
Coin-M Perpetual Futures Trade futures contracts settled in cryptocurrency
Fiat Deposit Buy your favourite coins in seconds
Affiliates Invite friends & get rewarded
Convert Covert your crypto instantly
Support Centre Find our FAQs here
Announcements Find all our official announcements
BTCC Academy Learn about blockchain and crypto
News The latest trends in the crypto market

Promotions

Referral
Campaigns
Register
BTCC / BTCC Square / Global Cryptocurrency /
TCLBANKER Trojan Spreads via Compromised Messaging Accounts, Linked to Known Malware Family

TCLBANKER Trojan Spreads via Compromised Messaging Accounts, Linked to Known Malware Family

Author:
Global Cryptocurrency
Published:
2026-05-10 03:11:01
BTCCSquare news:

A new malware campaign labeled REF3076 has been identified, spreading the TCLBANKER trojan through victims' own messaging accounts. Researchers have linked this threat to the MAVERICK/SORVEPOTEL malware family based on shared infrastructure and code patterns.

The trojan disguises itself as a legitimate Logi AI Prompt Builder installer, distributed via ZIP files. It employs DLL sideloading techniques to execute malicious files masquerading as Flutter plugins. Once activated, the malware deploys two protected payloads: a banking module for financial theft and a worm module designed for self-propagation across systems.

Security analysts face significant obstacles in investigating TCLBANKER. The loader constructs a three-part fingerprint involving anti-debugging checks, system resource analysis, and language settings. This fingerprint generates decryption keys for embedded payloads, with failure conditions triggering silent termination if sandbox environments or debugging tools are detected.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GET IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service
Social Media

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2026 BTCC.com. All rights reserved