Browsing tag: Dridex

BitPaymer Ransomware Attacks Several Spanish MSSP-Based Companies Via Hacked Websites

A new wave of BitPaymer ransomware is attacking several MSSP-based companies in Spain through compromised websites, and it uses several other malware families before infecting the company network. Before the BitPaymer ransomware attack itself takes place, the threat actors first infect victims with a different type of malware such as Azorult, Chthonic or Dridex. Over the last two years, ransomware attacks […]

NEW YEAR, NEW LOOK – DRIDEX VIA COMPROMISED FTP

Forcepoint Security Labs have recently observed a peculiar email campaign distributing a variant of the Dridex banking trojan. The campaign used compromised FTP sites instead of the more usual HTTP link as download locations for malicious documents, exposing the credentials of the compromised FTP sites in the process. The malicious emails were distributed just before 12:00 UTC […]

Banker jailed for helping criminals who stole millions using Dridex malware

Cybersecurity specialists often emphasize the dangers of insider threats, and this banker has proven them correct. On Tuesday, December 12th, 2017, a 29-year-old Barclays banker, Jinal Pethad, was jailed for six years and four months for assisting two Moldovan cybercriminals in laundering more than £2.5 million ($3 million) from the Barclays Ealing, London branch where he worked. The cybercriminals, identified as […]

Ransomware Attack Involving Scarab Malware Sends Over 12M Emails in 6 Hours

Security researchers at the Austin-based anti-virus software firm Forcepoint have discovered a massive spam ransomware campaign in which the Scarab malware destroys all your files if you don’t pay the ransom, which is demanded in Bitcoin. The campaign started on 23rd November, and the attackers used the largest email spam botnet on the […]

Dridex Banking Trojan Returns, Leverages New UAC Bypass Method

First observed in July 2014, “Dridex,” a financial banking Trojan, is considered the successor to the “GameOver ZeuS” (GoZ) malware.

• Dridex was most active between 2014 and 2015, and smaller campaigns were observed throughout 2016 with its peak activity in May 2016.
• On January 25, 2017, the criminal syndicate behind Dridex launched another […]

DRIDEX Poses as Fake Certificate in Latest Spam Run

By Michael Casayuran, Rhena Inocencio, and Jay Yaneza. At a glance, it seems that DRIDEX has scaled back its activities or operation, appearing only for a few days this May. This is quite unusual given that in the past five months or so, this prevalent online banking threat has always been active in the computing landscape. […]

Dridex Malware is Back and Targeting Banking Sector in US

US Financial Institutions and Banks Threatened by Deadly New Version of Dridex Malware

Once upon a time, there was a malware called Dridex, which was a preferred attack tool of hackers and threat actors, but then it lost its spark and we all forgot how devastating it was. But the malware is back with […]

Mystery hacker pwns Dridex Trojan botnet… to serve antivirus installer

Part of the distribution channel of the Dridex banking Trojan botnet may have been hacked, with malicious links replaced by installers for Avira Antivirus. Avira reckons the pwnage is down to the work of an unknown white hat hacker. The Dridex botnet has remained a menace even after a high-profile takedown operation in late […]

MALWARE ANALYSIS – DRIDEX & PROCESS HOLLOWING

Lately the threat actors behind the Dridex malware have been very active. Across all the recent Dridex phishing campaigns the technique is the same: all the Microsoft Office documents contain embedded macros that download a malicious executable from one of many hard-coded URLs. These hard-coded URLs normally point to websites owned by legitimate people. The site […]

Hackers being hunted after stealing $30.7M via malware

Global law enforcement agencies have arrested a gang member behind the theft of £20 million ($30.7 million) via a piece of malicious software that records banking details, and are on the hunt for the remaining members. The malware – known as Dridex – is believed to have been developed in eastern Europe and is able […]

AutoIt Used in Targeted Attacks to Move RATs

Months ago, hackers revived macros as an attack vector, primarily to hide banking malware spread by spam campaigns. Not to be left out, some targeted attacks, kicked off by convincing phishing emails, have been delivering a few remote access Trojans and other malware via Word documents. One particular targeted campaign, researchers at Cisco said, was using […]

Banking Malware Delivered via Macro in PDF Embedded Word Document

Delivering banking malware through Microsoft Word documents has been a less common method. However, it is currently being used to spread malicious macros and PDF files in a single item — Avast experts. Researchers at Avast have identified that this previously less common method of spreading banking malware has suddenly increased. They further noted […]