Menu
Dridex spam campaigns target the US, UK and France

Dridex spam campaigns target the US, UK and France

Trend Micro has seen multiple spam campaigns distributing the malware

The Dridex botnet, which targets financial credentials, appears to be gaining steam again, striking computers in the U.S., U.K. and France.

Trend Micro is the latest security vendor to say it is seeing Dridex activity after the U.S. Department of Justice said last month it had significantly disrupted it in a joint action with the U.K. 

Sometimes referred to as Cridex or Bugat, Dridex is advanced malware that collects financial login details and other personal information that can be used to drain bank accounts.

Trend has seen multiple spam campaigns sending out malicious attachments, such as Excel or Word documents, that could install Dridex, wrote Ryan Flores, a threat research manager.

fake telstra invoice Trend Micro

The financial malware Dridex is circulating again, with attackers sending out spam emails like this one, which is a fake invoice for the Australian telecommunications company Telstra.

The spam emails use social engineering to try to get people to open purported invoices, unpaid bills, receipts or financial statements, he wrote.

Dridex can be hired out by other cybercriminals who want to compromise computers. Those campaigns are identified by codes.

Flores wrote that Trend Micro noticed codes used in recent spam runs that were also seen as far back as Oct. 14. 

"This development further validates previous findings that the Dridex botnet was not totally taken down," he wrote.

The top countries targeted by Dridex spam are the U.S, U.K., France and Australia, Trend said.

Palo Alto Networks noticed that Dridex activity fell in September, preceding the DOJ's announcement, but picked up again by early October.

Botnets can be difficult to eradicate. Even if network resources used by the cybercriminals are taken offline, they often set up new infrastructures to begin compromising computers again.

The DOJ accused Andrey Ghinkul, 30, of being the administrator of the Dridex. Ghinkul was arrested on Aug. 28 in Cyprus, and the U.S. is seeking his extradition to face a nine-count indictment in the U.S. District Court for the Western District of Pennsylvania.


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

​Ingram Micro’s Hooked on Lenovo incentive programme recently rewarded 28 of New Zealand's top performing resellers with a full-on fishing trip at Great Barrier Island for the third year​ in a row.

Tight lines as Hooked on Lenovo catches up at Great Barrier Island
Inside the AWS Summit in Sydney

Inside the AWS Summit in Sydney

As the dust settles on the 2017 AWS Summit in Sydney, ARN looks back an action packed two-day event, covering global keynote presentations, 80 breakout sessions on the latest technology solutions, and channel focused tracks involving local cloud stories and insights.

Inside the AWS Summit in Sydney
Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Ingram Micro hosted its third annual Cure Kids Charity Golf Tournament at the North Shore Golf Club in Auckland. In total, 131 resellers, vendors and Ingram Micro suppliers enjoyed a round of golf consisting of challenges on each of the 18 sponsored holes, with Team Philips taking out the top honours.

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day
Show Comments