Dridex has been around for a while, but the UK is hit more often by this threat, a form of online banking crime dating back to 2014, when it spread through a serious and annoying spam campaign. Dridex is an evolution of the Cridex malware, which itself is based on the ZeuS Trojan Horse malware. Dridex is a peer-to-peer (P2P) bank credential-stealing malware. It uses a decentralised network infrastructure of compromised personal computers and web servers to execute command-and-control (C2).
What is Dridex Malware?
Dridex, also known as Bugat and Cridex, was developed by technically skilled cyber criminals in Eastern Europe to harvest online banking details, which are then exploited to steal money from individuals and businesses around the world. Global financial institutions and a variety of different payment systems have been particularly targeted, with UK losses estimated at £20m, the National Crime Agency warned.
Computers become infected with Dridex malware when users receive and open documents in seemingly legitimate emails.
[Image: Example of email content soliciting for a Dridex infection]
The NCA assesses there could be thousands of infected computers in the UK, the majority belonging to Windows users. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), has also issued a warning and a Technical Alert to provide further information about the Dridex botnet. These kinds of emails have also spread to and been seen in Africa, with reports of them from Zambia.
TIPS FOR PROTECTION AGAINST DRIDEX:
- Ensure your computers have up-to-date security software, operating system and applications. Malware exploits vulnerabilities in existing software before an update is applied.
- Use legitimate anti-malware tools.
- Don't click on any suspicious or unknown links and attachments. Cyber criminals use various techniques to lure users into clicking on malware-infested links.
- Reduce the value of a criminal knowing your passwords by ensuring you use unique complex passwords for accessing web sites and online banking, and remember to use a different password for each site/account.
- To limit the attack surface, make your passwords more secure. They should be at least 15 characters long, with a mix of letters, numbers and special characters.
- If you fear a password has been compromised, promptly change it on all other web sites where you may have used the same password.
- Don't install unknown software and applications requested from emails.
Tools for Removing Dridex
F-Secure
McAfee
Microsoft
Sophos
Trend Micro