Edgy online shoppers face Dyre Christmas as malware mutates

Bank-plundering code now hunts Windows 10 and its Edge browser


VXers have cooked up Windows 10 and Edge support for the nasty Dyre or Dyreza banking trojan.

The banking bomb has ripped untold fortunes from victims and passed them into the hands of its authors. In at least one instance alone IBM says more than one million dollars was plundered from an organisation.

At present it has infected some 80,000 machines with that number expected to rise.

It can also target Mozilla Firefox, Google Chrome, and of course Internet Explorer.

While Dyre is highly capable and among the worst banking trojans in existence, it is unclear how it will fare against Microsoft's new and harder Edge browser which has received laudable security upgrades of late.

Heimdal Security's Andra Zahria says the new Dyre variant can hook Edge and kill unnamed security software on victim machines.

"The cyber criminals behind Dyreza often spread the malware via spray-and-pray spam campaigns, which are sent to random recipients," Zahria says.

" … Dyreza is also a crime-as-a-service network” that anyone can buy into [and attack] a group of targets in the code configuration file [which] are typically online banking websites."

Targeted users risk having bank accounts drained and machines botted.

Dyre authors have also added support for both 32-bit and 64-bit Windows systems. ®


Other stories you might like

  • Azure issues not adequately fixed for months, complain bug hunters
    Redmond kicks off Patch Tuesday with a months-old flaw fix

    Updated Two security vendors – Orca Security and Tenable – have accused Microsoft of unnecessarily putting customers' data and cloud environments at risk by taking far too long to fix critical vulnerabilities in Azure.

    In a blog published today, Orca Security researcher Tzah Pahima claimed it took Microsoft several months to fully resolve a security flaw in Azure's Synapse Analytics that he discovered in January. 

    And in a separate blog published on Monday, Tenable CEO Amit Yoran called out Redmond for its lack of response to – and transparency around – two other vulnerabilities that could be exploited by anyone using Azure Synapse. 

    Continue reading
  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • 1Password's Insights tool to help admins monitor users' security practices
    Find the clown who chose 'password' as a password and make things right

    1Password, the Toronto-based maker of the identically named password manager, is adding a security analysis and advice tool called Insights from 1Password to its business-oriented product.

    Available to 1Password Business customers, Insights takes the form of a menu addition to the right-hand column of the application window. Clicking on the "Insights" option presents a dashboard for checking on data breaches, password health, and team usage of 1Password throughout an organization.

    "We designed Insights from 1Password to give IT and security admins broader visibility into potential security risks so businesses improve their understanding of the threats posed by employee behavior, and have clear steps to mitigate those issues," said Jeff Shiner, CEO of 1Password, in a statement.

    Continue reading

Biting the hand that feeds IT © 1998–2022