Dyre Banking Trojan
Jump to navigation
Jump to search
(Publication) Google search: [1]
Dyre Banking Trojan | |
---|---|
Botnet | Dyre |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2014 / 2014-12-17 |
Editor/Conference | DELL SecureWorks |
Link | http://www.secureworks.com/cyber-threat-intelligence/threats/dyre-banking-trojan/ (Archive copy) |
Author | Brett Stone-Gross, Pallav Khandhar |
Type | Threat entry |
Abstract
“ Threat actors regularly develop new Trojan horse malware to fuel their operations and to ensure the longevity of their botnets. After the takedowns of the Gameover Zeus and Shylock botnets, researchers predicted that a new breed of banking malware would fill the void. In early June 2014, the Dell SecureWorks Counter Threat Unit(TM) (CTU) research team discovered the Dyre banking trojan, which was being distributed by Cutwail botnet spam emails that included links to either Dropbox or Cubby file storage services. The threat actors later shifted to distribution via the Upatre downloader trojan. Dyre is also known as Dyreza, Dyzap, and Dyranges by the antivirus industry.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR351, editor = {DELL SecureWorks}, author = {Brett Stone-Gross, Pallav Khandhar}, title = {Dyre Banking Trojan}, date = {17}, month = Dec, year = {2014}, howpublished = {\url{http://www.secureworks.com/cyber-threat-intelligence/threats/dyre-banking-trojan/}}, }