Threat – DYRE MALWARE
· A Trojan with man-in-the-middle (MITM) attack capabilities and a covert VNC session, designed to steal login credentials by grabbing the whole HTTPS POST packet, which contains the login credentials sent to a server during the authentication process, and forwarding it to its own server.
· It can then compromise the victim's bank or other accounts and block the user from accessing his own account.
· It also has VNC capability, which can be used to perform DoS or DDoS attacks through the victim machine once the system is infected with the malware.
· It works through a configuration file, which currently lists 90 target banks (mainly from Romania, United Kingdom, Ireland, USA, and UAE).
How it spreads
Spam/Phishing Emails
It comes as an attachment in a spam or phishing mail; once the user opens it, the Trojan executes and installs itself on the victim's computer.
How to Protect
Spam Filtering
End Point Protection
User awareness:
1. Users should not fall prey to unsolicited mails.
2. Users should not open email attachments if the sender is unknown or unfamiliar.