Menu
Despite takedown, the Dridex botnet is running again

Despite takedown, the Dridex botnet is running again

More malware samples are appearing that are likely Dridex

Spam emails containing the Dridex malware are being seen almost daily despite the arrest of one of its key operators in August.

The finding confirms that while law enforcement can claim temporary victories in fighting cybercriminal networks, it's sometimes difficult to completely shut down their operations.

The U.S. Department of Justice said on Oct. 13 it was seeking the extradition of a 30-year-old Moldovan man, Andrey Ghinkul. Prosecutors allege he used Dridex malware to steal US$10 million from U.S. companies and organizations.

Dridex, also referred to as Cridex or Bugat, is advanced malware that collects financial login details and other personal information that can be used to drain bank accounts.

The U.S. and U.K. said the Dridex botnet -- or the collection of computers infected with the malware -- had been disrupted following their operations.

Two weeks before the DOJ's announcement, Palo Alto Networks wrote that it noticed a drop in Dridex activity but that it resumed again around the start of October.

Often, those employing Dridex tricked people into downloading it by sending spam emails with malicious links or attachments, such as XML files and Microsoft Office documents.

Much of that activity has now resumed, wrote Brad Duncan, a security researcher with Rackspace, on the Internet Storm Center blog.

He wrote that there appear to be more files labeled as Dridex on VirusTotal, a repository of malware samples. Although some of the samples could mislabeled, it backs up what Palo Alto noticed.

"Plenty of us are seeing Dridex malspam on a near-daily basis now," Duncan wrote.


Follow Us

Join the newsletter!

Or
Error: Please check your email address.

Featured

Slideshows

Bumper channel crowd kicks off first After Hours of 2018

Bumper channel crowd kicks off first After Hours of 2018

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Jefferson in Auckland to kick-start 2018. Photos by Gino Demeer.

Bumper channel crowd kicks off first After Hours of 2018
Looking back at the top 15 M&A deals in NZ during 2017

Looking back at the top 15 M&A deals in NZ during 2017

In 2017, merger and acquisitions fever reached new heights in New Zealand, with a host of big name deals dominating the headlines. Reseller News recaps the most important transactions of the Kiwi channel during the past 12 months.

Looking back at the top 15 M&A deals in NZ during 2017
Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Show Comments