The bad actors behind the infamous Trickbot malware have resurfaced in an attempt to expand their distribution channels. Their new goal appears to be the deployment of ransomware. The Tickbot malware itself has evolved from a banking Trojan to a modular windows-based crimeware solution. They are moving away from sending out phishing emails with excel documents to a more diversified delivery methods.
https://thehackernews.com/2021/10/attackers-behind-trickbot-expanding.html
It’s interesting to see how their email strategy has evolved from Excel attachments to DDoS claims. I imagine this was intended to target more technical users that may have more permissions.