Dridex Malware Returns
Posted by: Timothy Weaver on 10/28/2015 10:06 AM
[
Comments
]
Despite the arrest of one of its key operators in August, spam emails containing the Dridex malware are being seen almost daily.
Although law enforcement has its victories, it is still almost impossible to completely shut down their operations.
The U.S. Dept. of Justice is extraditing a 30 year old Mondovan man who they believe was behind a Dridex infection that netted the man nearly US$10 million from U.S. companies and organizations. Dridex, also referred to as Cridex or Bugat, is advanced malware that collects financial login details and other personal information that can be used to drain bank accounts.
Although the U.S. and the U.K. thought they had shut down the malware, Palo Alto Networks wrote that it noticed a drop in Dridex activity but that it resumed again around the start of October.
The malware is being spread using phishing tactics where emails have malicious attachments in the form of XML files and Microsoft Office documents.
Brad Duncan, a security researcher with Rackspace, said: "Plenty of us are seeing Dridex malspam on a near-daily basis now."
Source: PCWorld
Although law enforcement has its victories, it is still almost impossible to completely shut down their operations.The U.S. Dept. of Justice is extraditing a 30 year old Mondovan man who they believe was behind a Dridex infection that netted the man nearly US$10 million from U.S. companies and organizations. Dridex, also referred to as Cridex or Bugat, is advanced malware that collects financial login details and other personal information that can be used to drain bank accounts.
Although the U.S. and the U.K. thought they had shut down the malware, Palo Alto Networks wrote that it noticed a drop in Dridex activity but that it resumed again around the start of October.
The malware is being spread using phishing tactics where emails have malicious attachments in the form of XML files and Microsoft Office documents.
Brad Duncan, a security researcher with Rackspace, said: "Plenty of us are seeing Dridex malspam on a near-daily basis now."
Source: PCWorld
Comments
