Menu
US, UK disrupt Dridex botnet, which targeted online banking

US, UK disrupt Dridex botnet, which targeted online banking

Dridex is considered one of the most effective banking malware families

A cybercriminal network that caused at least US$10 million in losses has been disrupted by U.S. and U.K. law enforcement, with the U.S. seeking a Moldovan man's extradition, the Department of Justice said Tuesday.

Andrey Ghinkul, 30, is accused of being the administrator of the Dridex botnet, also known as Cridex and Bugat.

A nine-count indictment was unsealed on Tuesday in the U.S. District Court for the Western District of Pennsylvania, DOJ said. Ghinkul was arrested on Aug. 28 in Cyprus.

Dridex has been a real headache for a number of years. It collects online banking credentials from infected computers, which prosecutors said were then used to initiate large wire transfers.

In one example, Ghinkul and his gang allegedly transferred $2.1 million from an account of Penneco Oil Company, based in Delmont, Pennsylvania, to one in Krasnodar, Russia, on Aug. 31, 2012, according to the indictment.

Four days later, Penneco Oil was hit again, this time with $1.3 million going to an account in Minsk, Belarus. The same day, the group allegedly tried to transfer a further $76,520 from the company's accounts.

Penneco Oil's account information was believed to have been compromised after Ghinkul's group sent one of the company's employees a phishing email, prosecutors said.

Dridex is considered one of the top banking malware families. It spreads through targeted spam that contains attachments to malicious XML files, Microsoft Office documents with macros or links to malicious websites.

The malware can log keystrokes and inject fake HTML fields into Web pages that ask users for more sensitive information. It also can frequently escape detection by antivirus software.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

EDGE 2024

Register your interest now for EDGE 2024!

Featured

Slideshows

How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments