Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Fujitsu issue Dridex botnet warning

August 2016 by Fujitsu

Fujitsu’s Security Operations Centre (SOC) has identified a new Dridex threat regarding the use of new botnet IDs and a targeted behaviour to infiltrate enterprise banking.

Historically arriving via the usual malicious macro enabled documents, Dridex has been taking a backseat to Locky ransomware. However, in newly researched malware samples that have been targeting enterprise and core banking applications, Fujitsu’s SOC has identified a shift in the payload and targets with Dridex. These include commercial banking applications and password managers such as KeePass, targeting enterprise applications, and core banking applications. Additionally, new Botnet ID’s have been added including 444 and 144.

Paul McEvatt, Senior Cyber Threat Intelligence Manager, UK & Ireland at Fujitsu commented on the new finding: “We’ve been monitoring the developments within Dridex for two years now, having identified some significant changes to the behaviour. This recent observation shows a growth in the behaviour and one that has branched from targeting banking sites and back office of banking and now the enterprise.”

Dridex malware, also known as Bugat and Cridex, was developed by technically skilled cyber criminals in Eastern Europe to harvest online banking details, which are then exploited to steal money from individuals and businesses around the world. Global financial institutions and a variety of different payment systems have been particularly targeted, with UK losses estimated at £20m.

See previous articles


See next articles