Number: IRCNE2015102671
Date: 2015/10/25
According to “computerworlduk”, spam emails containing the Dridex malware are being seen almost daily despite the arrest of one of its key operators in August.
Dridex, also referred to as Cridex or Bugat, is advanced malware that collects financial login details and other personal information that can be used to drain bank accounts.
The U.S. and U.K. said the Dridex botnet -- or the collection of computers infected with the malware -- had been disrupted following their operations.
Two weeks before the DOJ's announcement, Palo Alto Networks wrote that it noticed a drop in Dridex activity but that it resumed again around the start of October.
Often, those employing Dridex tricked people into downloading it by sending spam emails with malicious links or attachments, such as XML files and Microsoft Office documents.
Much of that activity has now resumed, wrote Brad Duncan, a security researcher with Rackspace, on the Internet Storm Center blog.
He wrote that there appear to be more files labeled as Dridex on VirusTotal, a repository of malware samples. Although some of the samples could mislabeled, it backs up what Palo Alto noticed.
"Plenty of us are seeing Dridex malspam on a near-daily basis now," Duncan wrote.
- 7