Menu
Despite takedown, the Dridex botnet is running again

Despite takedown, the Dridex botnet is running again

More malware samples are appearing that are likely Dridex

Spam emails containing the Dridex malware are being seen almost daily despite the arrest of one of its key operators in August.

The finding confirms that while law enforcement can claim temporary victories in fighting cybercriminal networks, it's sometimes difficult to completely shut down their operations.

The U.S. Department of Justice said on Oct. 13 it was seeking the extradition of a 30-year-old Moldovan man, Andrey Ghinkul. Prosecutors allege he used Dridex malware to steal US$10 million from U.S. companies and organizations.

Dridex, also referred to as Cridex or Bugat, is advanced malware that collects financial login details and other personal information that can be used to drain bank accounts.

The U.S. and U.K. said the Dridex botnet -- or the collection of computers infected with the malware -- had been disrupted following their operations.

Two weeks before the DOJ's announcement, Palo Alto Networks wrote that it noticed a drop in Dridex activity but that it resumed again around the start of October.

Often, those employing Dridex tricked people into downloading it by sending spam emails with malicious links or attachments, such as XML files and Microsoft Office documents.

Much of that activity has now resumed, wrote Brad Duncan, a security researcher with Rackspace, on the Internet Storm Center blog.

He wrote that there appear to be more files labeled as Dridex on VirusTotal, a repository of malware samples. Although some of the samples could mislabeled, it backs up what Palo Alto noticed.

"Plenty of us are seeing Dridex malspam on a near-daily basis now," Duncan wrote.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Reseller News Innovation Awards 2018: meet the top performing partners

Reseller News Innovation Awards 2018: meet the top performing partners

Reseller News honoured the industry’s finest on a standout evening for the New Zealand channel, recognising the achievements of established partners, emerging players and innovative start-ups, in front of over 460 technology leaders in Auckland.

Reseller News Innovation Awards 2018: meet the top performing partners
Champagne Reception kicks off Reseller News Innovation Awards 2018

Champagne Reception kicks off Reseller News Innovation Awards 2018

More than 460 channel leaders came together to toast the top performers of the New Zealand industry, during the opening Champagne Reception at the Reseller News Innovation Awards 2018 - in association with Techbuyer.

Champagne Reception kicks off Reseller News Innovation Awards 2018
Chasing innovation: how Kiwi partners can create a new customer agenda

Chasing innovation: how Kiwi partners can create a new customer agenda

This exclusive Reseller News Roundtable - in association with Rhipe and Microsoft - detailed a blueprint for customer success, outlining the new role of the modern-day partner and wider network in New Zealand.

Chasing innovation: how Kiwi partners can create a new customer agenda
Show Comments