Dridex banking malware returns with hackers going after targets in the UK, France and Australia

Written by Connor Burns, Jan 19, 2018

"The perpetrators of the campaign do not appear to be worried about exposing the credentials of the FTP sites they abuse, potentially exposing the already-compromised sites to further abuse by other groups," Forcepoint security researchers said in a blog.

"This may suggest that the attackers have an abundant supply of compromised accounts and therefore view these assets as disposable. Equally, if a compromised site is used by multiple actors it also makes attribution harder for security professionals and law enforcement."

The researchers suspect that the Necurs botnet, one of the world's largest botnets, may be giving the new malware campaign a boost – something the botnet has done before. Necurs recently resurged after its annual holiday break and, in a new twist, was seen pushing an obscure cryptocurrency for the first time.

Necurs' spam campaigns are known to push out millions of emails in just hours. However, the new Dridex campaign saw just over 9,500 emails sent in total – an oddly low volume for a typical Necurs-boosted campaign.


"Although there are attributes of the campaign that suggest it is coming from Necurs, the size of the campaign is more or less 'average'. Given Necurs' typical association with very large campaigns, the reason for this remains something of a mystery," Forcepoint researchers said.

"Dridex's seemingly endless ability to evolve makes it a real problem for anyone using online banking. It's also not exactly popular with security teams inside financial services companies themselves, given its effectiveness at stealing bank log-ins wholesale," Brooks Wallace, managing director EMEA, at security company Trusted Knight, told us.

"It is a testament to the danger of such flexible malware platforms, which means teams of well-funded criminals can continue to stay one step ahead of the anti-malware and anti-virus solutions often used by even the most security conscious online banker," Wallace added. "Dangerous – and ultimately expensive – malware like this is plundering accounts constantly and fraud and security measures need to get smarter to protect both banks and customers from massive fraud and security losses."
