Dridex rears its ugly head again.

The Dridex malware is back with a bang after nearly a year, and it has now set its sights on the banking sector. This piece of code is particularly malicious and resilient. Over the years it has surfaced again and again, terrorizing people into giving up their banking information.

Dridex is malware that leverages Microsoft Office programs to infect financial systems. It operates on a botnet-as-a-service business model and uses multiple servers to target and infiltrate banks. Researchers and the FBI are getting their nerves frayed due to the seizure of multiple servers used by Dridex to steal information.

"There are significant differences from this particular DRIDEX campaign as opposed to its previous waves," Trend Micro researchers wrote. "Instead of the usual fake invoice or notification baits, DRIDEX plays on people's fears of having their accounts compromised."

Researchers at Proofpoint identified the Dridex campaign as Dridex botnet ID 7200. The majority of the spam came with double-zipped archive attachments. The activity was mainly taking place in France, the U.K. and Australia.

Dridex arrives by email. The subject line read “Payment Request” and the message included a Zip attachment masquerading as an invoice; when clicked, it delivered an executable file containing the Dridex bot. The executable was also buried under two Zip files.
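Because the executable sits under two Zip layers, a mail filter that inspects only the first layer of an attachment will not see it. The sketch below is an added example (not code from Proofpoint, Trend Micro or the original article) of a recursive attachment check; the function names, extension list and size/depth limits are assumptions, and the samples are constructed harmless stubs.

```python
import io
import zipfile

EXEC_EXTS = (".exe", ".scr", ".com", ".pif", ".js", ".vbs")  # assumed policy list
MAX_DEPTH = 3                  # stop recursing past this many archive layers
MAX_MEMBER_BYTES = 20 * 2**20  # skip oversized members (zip-bomb guard)


def find_buried_executables(data, depth=1, path=""):
    """Return (path, depth) for each executable found inside nested Zip layers."""
    hits = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits
    with archive:
        for info in archive.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER_BYTES:
                continue
            member_path = f"{path}/{info.filename}" if path else info.filename
            body = archive.read(info)
            # Match on PE magic bytes as well as the name, so renaming does not help.
            if body[:2] == b"MZ" or info.filename.lower().endswith(EXEC_EXTS):
                hits.append((member_path, depth))
            elif body[:4] == b"PK\x03\x04" and depth < MAX_DEPTH:
                hits += find_buried_executables(body, depth + 1, member_path)
    return hits


def should_quarantine(attachment):
    """Quarantine if an executable is present at any archive depth."""
    return bool(find_buried_executables(attachment))


def make_zip(name, content):
    """Build an in-memory Zip with one member (used for constructed samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, content)
    return buf.getvalue()


# Constructed samples: a harmless stub with a PE "MZ" header, wrapped twice.
STUB = b"MZ" + b"\x00" * 62
DOUBLE_ZIPPED = make_zip("invoice_inner.zip", make_zip("invoice.exe", STUB))
BENIGN = make_zip("invoice.txt", b"Amount due: 100.00")

if __name__ == "__main__":
    print(find_buried_executables(DOUBLE_ZIPPED))
    print(should_quarantine(DOUBLE_ZIPPED), should_quarantine(BENIGN))
```

The reported depth is useful for triage: an executable at depth 2 or more matches the double-zipped delivery described above.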

The return of Dridex version 4 has researchers and law enforcement agencies pondering the attacks to come in the coming months. Because this malware affects bank accounts, it is rated critical, and it may keep everyone on their guard.

Tag : Malware
FAQ
Q
What fear factor is used by Dridex to attack users?
A
Instead of the usual fake invoice or notification baits, DRIDEX plays on people's fears of having their accounts compromised.
Q
What did researchers identify from this Dridex attack?
A
Researchers at Proofpoint identified the Dridex campaign as Dridex botnet ID 7200. The majority of the spam came with double-zipped archive attachments. The activity was mainly taking place in France, the U.K. and Australia.
Q
What severity rating is assigned to Dridex?
A
Dridex is rated critical, and it may keep everyone on their guard.
Q
How does Dridex really work?
A
Dridex arrives by email. The subject line read “Payment Request” and the message included a Zip attachment masquerading as an invoice; when clicked, it delivered an executable file containing the Dridex bot. The executable was also buried under two Zip files.
Q
What is Dridex?
A
Dridex, also known as Bugat and Cridex, is a form of malware that specializes in stealing bank credentials via a system that utilizes macros from Microsoft Word.