KNOW picked up Dridex, and we think a comprehensive overview will help you prepare if you are in the line of attack.
What is Dridex?
Dridex is a strain of banking malware that attacks Windows users. Once a user opens the Word or Excel attachment, the macros are activated and download the malware. The software is designed to steal the victim's banking information. In 2015, thefts attributed to this malware were estimated at around $10 million in the United States and £20 million in the United Kingdom.
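Because delivery depends on a macro-bearing Word or Excel attachment, a mail gateway or triage script can hold such files before a user opens them. The following is an added example, not code from KNOW or Netenrich: it flags Office attachments that carry a VBA project, an Excel 4.0 macro sheet, or a macro-enabled content type. The function names, finding labels and sample files are assumptions constructed for illustration.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container
NON_MACRO_EXT = (".docx", ".xlsx")              # extensions that should never hold macros

def triage_attachment(filename, data):
    """Return findings that justify holding an Office attachment for review."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary formats may embed macros; confirming needs an OLE parser.
        return ["legacy-ole-container"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            low = name.lower()
            if low.endswith("vbaproject.bin"):
                findings.append("vba-project")
            elif low.startswith("xl/macrosheets/"):
                findings.append("excel4-macro-sheet")
            elif low == "[content_types].xml":
                if b"macroenabled" in zf.read(name).lower():
                    findings.append("macro-enabled-content-type")
    findings = sorted(set(findings))
    if findings and filename.lower().endswith(NON_MACRO_EXT):
        # Macro content hidden behind a macro-free extension is itself suspicious.
        findings.append("macro-in-non-macro-extension")
    return findings

def build_sample(parts):
    """Constructed test input: an in-memory OOXML-style ZIP from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()

if __name__ == "__main__":
    clean = build_sample({"[Content_Types].xml": b"<Types/>", "word/document.xml": b"<w/>"})
    macro = build_sample({
        "[Content_Types].xml": b'<Types><Override ContentType='
                               b'"application/vnd.ms-excel.sheet.macroEnabled.main+xml"/></Types>',
        "xl/vbaProject.bin": b"\x00",
    })
    for fname, blob in (("notes.docx", clean), ("invoice.xlsm", macro), ("invoice.xlsx", macro)):
        print(fname, triage_attachment(fname, blob))
```

A finding here means "hold for review", not "malicious": many legitimate workbooks contain macros, so the result is best combined with sender reputation and sandbox detonation.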
Who’s the Target?
KNOW detected banking and finance as the primary industries targeted by Dridex. Unlike other malware, Dridex specifically relies on email for initial infection.
Why is Dridex Trending?
According to the report from KNOW, Dridex successfully carried out an attack on a reputed company. The company is a maker of smart devices and watches, and the overall recovery cost to the company is estimated to be around $10 million. Having surfaced in 2014, Dridex has shapeshifted according to emerging cybersecurity trends and has been successful in identifying vulnerabilities.
This Russia-based organization has been using phishing emails to attack users.
References Counted by KNOW
- Total references: 31,872
- References in the last 60 days: 2,762
- References in the last 7 days: 523
Context Taken From KNOW
- Risk rules triggered: 7 out of 48
- Related intrusion methods: Phishing, Malspam, Spam, Webinject, Credential Stealing, Data Exfiltration, Malware, and 21 more.
- IPs detected: 1,034
- Related hashes: 11,226
- Vulnerabilities: CVE-2018-8174, CVE-2012-0158, CVE-2017-0199, CVE-2017-11882, CVE-2017-11826
- Threat actors: Evil Corp, TA505, APT34 Oilrig, APT33 Charming Kitten, GOLD EVERGREEN
Thoughts from the Twitter-verse
Email scam aims to drop Dridex on machines by impersonating FedEx, UPS
Please see this week's @ncsc_gov_ie media summary, with articles on Ransomware, Dridex, an exploit in Windows Error Reporting service, and other stories from the last 7 days: https://ncsc.gov.ie/news/20-10-09/
2020-10-05 (Monday) – Those #Dridex guys phoning it in after using what little inspiration they had on the earlier UPS-themed #malspam today – Saw a DHL-themed spreadsheets, but otherwise the same –
What is KNOW?
KNOW is a Threat Intelligence Platform designed by Netenrich. The platform extracts data from billions of data points to give a comprehensive report on intel and deep analyst insights, helping you follow, search, and act well before an attacker finds your vulnerability.
Check out one of KNOW's tools, the Trending Threat dashboard. Get deep insights into what happened in the last 7 days and 60 days, and relevant insights to stay ahead of the cybersecurity game. Sign up for free and explore the most detailed cyber attack reports.