Edgy online shoppers face Dyre Christmas as malware mutates
Bank-plundering code now hunts Windows 10 and its Edge browser
VXers have cooked up Windows 10 and Edge support for the nasty Dyre or Dyreza banking trojan.
The banking bomb has ripped untold fortunes from victims and passed them into the hands of its authors. In at least one instance, IBM says, more than one million dollars was plundered from an organisation.
At present it has infected some 80,000 machines with that number expected to rise.
It can also target Mozilla Firefox, Google Chrome, and of course Internet Explorer.
While Dyre is highly capable and among the worst banking trojans in existence, it is unclear how it will fare against Microsoft's new and hardened Edge browser, which has received laudable security upgrades of late.
Heimdal Security's Andra Zahria says the new Dyre variant can hook Edge and kill unnamed security software on victim machines.
"The cyber criminals behind Dyreza often spread the malware via spray-and-pray spam campaigns, which are sent to random recipients," Zahria says.
"… Dyreza is also a crime-as-a-service network that anyone can buy into [and attack] a group of targets in the code configuration file [which] are typically online banking websites."
Targeted users risk having bank accounts drained and machines botted.
Dyre authors have also added support for both 32-bit and 64-bit Windows systems. ®