Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Dridex Resurfaces to Make New Smaller Spam Outbreaks


The Dridex gangsters or those cyber criminals responsible for the banker Trojan Dridex have been somewhat silent starting middle of June 2016 approximately when Necurs another botnet the Dridex cyber criminals run was terminated only to re-emerge following a 3-week period.

From that time on, distribution of Dridex appears to have halted as its each spam campaign spewed merely some thousands messages that sounds trivial when compared with spam mails it sent in the millions during May and before.

ProofPoint the cyber security company analyzes the latest decline in Dridex's operations as significant alterations in the mode of operation by the controllers of the banker Trojan. Within one blog post ProofPoint researchers state that this pretty lower volume of spam indicates the botnet is narrowing down attacks to more higher-profiles, making the threat actors free enough for chasing more lucrative targets as well as leveraging stolen databases far more efficaciously.

Dridex perpetrators served their Trojan to victims through Microsoft Office files containing malevolent macro scripts. These malware-tainted Office files were targeted at business organizations even as the Dridex spam was made lower in volume.

According to the researchers, as different from earlier Dridex campaigns, which conducted widespread distribution of massive amounts of spam mails globally, the latest activities of the banker Trojan concentrates chiefly on spreading Locky the thriving ransom software. Dridex was further observed as attacking point of sale devices, posted ibtimes.co.uk online dated August 20, 2016.

Now with an increase yet again of Dridex spam, it seems preparations are on for conducting the malware's distribution more broadly to target various nations across the world.

And with one more indication of Dridex crew leveraging their ware, the researchers at ProofPoint state they have discovered the gang employing Neutrino an attack toolkit for delivering the Trojan. This tactic is new for the group which it didn't apply within many of its campaigns earlier. The attack toolkit spam outbreak was made to target users in UK and Switzerland.

Dridex owners, ProofPoint says, are continuing to make money out of their malware by attacking only few large organizations, several providing financial services.

» SPAMfighter News - 24-08-2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next