Dridex Botnet Replaced with Avira Anti-virus Software
Posted by: Timothy Weaver on 02/08/2016 03:20 PM
[
Comments
]
Part of the sprawling Dridex banking trojan botnet has been replaced with code from Avira anti-virus software.
No one as yet has taken credit for the insertion, but many are suspecting a white hat hacker. This individual appears to be kicking the dying body of Dridex, which was significantly weakened after the FBI teamed up with a number of IT security companies to take down the Trojan C&C servers late last year.
Dridex had a hay day before being taken down. For a while it was one of the top ten banking trojans. The malware was delivered by a phishing email with a word attachment. And once activated, it would deliver the payload. It would then execute code and spy on the victim with the purpose of stealing banking logins.
This is not the first time a white hat hacker has struck. Avira Antivirus installers have shown up in other kinds of malware including Cryptolocker and Tesla. This may be the new Robin Hood.
Source: SCMagazine
No one as yet has taken credit for the insertion, but many are suspecting a white hat hacker. This individual appears to be kicking the dying body of Dridex, which was significantly weakened after the FBI teamed up with a number of IT security companies to take down the Trojan C&C servers late last year. Dridex had a hay day before being taken down. For a while it was one of the top ten banking trojans. The malware was delivered by a phishing email with a word attachment. And once activated, it would deliver the payload. It would then execute code and spy on the victim with the purpose of stealing banking logins.
This is not the first time a white hat hacker has struck. Avira Antivirus installers have shown up in other kinds of malware including Cryptolocker and Tesla. This may be the new Robin Hood.
Source: SCMagazine
Comments
