Dyreza Banker Trojan

A large scale phishing campaign that utilises malicious links, used to bypass Anti-Virus defences, and connect to malicious servers hosting Dyre/Dyreza malware. The emails are propagated through spam messages, many of which appear to be messages from financial institutions.
Dyre/Dyreza is a banking trojan that exploits vulnerabilities within the infected machine’s systems, potentially giving malicious actors remote access into the infected machine, and allowing hostile actors to intercept sensitive login information. During an attack, a user is tricked into believing they are authenticating to a legitimate site, but the malware is re-directing the traffic to servers under the attacker’s control.

more information cab be found at

http://threatpost.com/dyreza-banker-trojan-seen-bypassing-ssl/106671

http://phishme.com/project-dyre-new-rat-slurps-bank-credentials-bypasses-ssl/

Comments are closed.