Dyre Banking Trojan

From Botnets.fr

Botnet: Dyre
Date: 2014 / 2014-12-17
Editor/Conference: DELL SecureWorks
Link: http://www.secureworks.com/cyber-threat-intelligence/threats/dyre-banking-trojan/ (Archive copy)
Author: Brett Stone-Gross, Pallav Khandhar
Type: Threat entry

Abstract

Threat actors regularly develop new Trojan horse malware to fuel their operations and to ensure the longevity of their botnets. After the takedowns of the Gameover Zeus and Shylock botnets, researchers predicted that a new breed of banking malware would fill the void. In early June 2014, the Dell SecureWorks Counter Threat Unit(TM) (CTU) research team discovered the Dyre banking trojan, which was being distributed by Cutwail botnet spam emails that included links to either Dropbox or Cubby file storage services. The threat actors later shifted to distribution via the Upatre downloader trojan. Dyre is also known as Dyreza, Dyzap, and Dyranges by the antivirus industry.

Bibtex

 @misc{2014BFR351,
   editor = {DELL SecureWorks},
   author = {Brett Stone-Gross and Pallav Khandhar},
   title = {Dyre Banking Trojan},
   day = {17},
   month = Dec,
   year = {2014},
   howpublished = {\url{http://www.secureworks.com/cyber-threat-intelligence/threats/dyre-banking-trojan/}},
 }