Fujitsu issue Dridex botnet warning

August 2016 by Fujitsu

Fujitsu’s Security Operations Centre (SOC) has identified a new Dridex threat
involving the use of new botnet IDs and targeted behaviour aimed at infiltrating
enterprise banking.

Historically arriving via the usual malicious macro-enabled documents, Dridex has
been taking a backseat to Locky ransomware. However, in newly researched malware
samples that have been targeting enterprise and core banking applications, Fujitsu’s
SOC has identified a shift in Dridex's payload and targets. The targets now include
commercial banking applications, password managers such as KeePass, enterprise
applications, and core banking applications. Additionally, new botnet IDs have been
added, including 444 and 144.

Paul McEvatt, Senior Cyber Threat Intelligence Manager, UK & Ireland at Fujitsu
commented on the new finding: “We’ve been monitoring the developments within Dridex
for two years now, having identified some significant changes to the behaviour. This
recent observation shows a growth in the behaviour and one that has branched from
targeting banking sites and back office of banking and now the enterprise.”

Dridex malware, also known as Bugat and Cridex, was developed by technically skilled
cyber criminals in Eastern Europe to harvest online banking details, which are then
exploited to steal money from individuals and businesses around the world. Global
financial institutions and a variety of different payment systems have been
particularly targeted, with UK losses estimated at
£20m <http://www.nationalcrimeagency.gov....>.

