Spam Email Contains Dridex Banking Malware
Posted by: Timothy Weaver on 07/02/2015 09:34 AM
Targeting company accountants, a new spam campaign armed with the Dridex banking malware is making its rounds with phony emails.
The spam email carries an attachment that is in reality a macro-enabled .doc file.
Once opened, the document retrieves Dridex from various compromised webpages.
The email purports to contain a document that was sent directly from a printer.
Morten Kjaersgaard, CEO of Heimdal Security, said: “As users we need to constantly remind ourselves that hackers are getting better at what they do. This is serious business [for them] and we should consider this a serious threat.”
Heimdal scanned the impacted webpages on VirusTotal and found that only 5 out of more than 20 antivirus solutions reported them as infected.
Dridex sleeps on the victim's computer until it sees the victim log into a banking website. Banking credentials are then sent to the attackers.
Kjaersgaard said: “I would strongly urge users and companies to be very careful in keeping their software up-to-date and not trusting unlikely inbox items. This Dridex campaign is just the tip of a currently very big, and unfortunately increasing, iceberg.”
Source: SCMagazine
