Researchers from IBM have revealed new developments in the use of the data-stealing Dridex Trojan in targeting UK banks.
IBM X-Force revealed on Tuesday that the cybercrime group known as Evil Corp, creators and controllers of the Dridex Trojan, has recently turned its attention to bank accounts owned by wealthy UK residents.
The latest version of the Trojan, v.3.161, was first detected on Jan 6, 2016. The malware is believed to be responsible for stealing up to £20 million from UK accounts over the past several years.
The Dridex Trojan spreads through email phishing campaigns and includes features such as the ability to spy on victim PCs, with the overall aim of stealing credentials which can be used to access bank accounts and cash reserves.
Despite arrests made in 2015 by the UK's National Crime Agency (NCA) and FBI of those believed to be part of Evil Corp, it appears Dridex remains a threat to UK banking customers.
According to IBM, the latest malware build was immediately followed by an infection campaign which used the Andromeda botnet to deliver malware payloads to potential victims.