Keyword: dridex
24 total results | Showing results: 1 - 20
As tax season draws closer, cybercriminals are wasting no time in leveraging it. We recently spotted a DRIDEX-related spam run that pretends to come from United Kingdom’s own agency for collecting t...
DRIDEX continues to make waves with yet another invoice spam run. We recently spotted spammed emails supposedly containing an invoice. When users open the .DOC file attachment, it triggers the malici...
Subject: Fake Letter-Response email with DRIDEX attachment. DRIDEX is a notorious online banking malware that performs a plethora of information theft routines such as form-grabbing, HTML injections, and cl...
An email that poses as a notification of a possible account compromise carries an attachment that is detected as DRIDEX malware. To convince users to open the attachment, it instructs reci...
We spotted spam emails laden with DRIDEX malware that pretend to come from a British gas company. Unsuspecting users who opened the email will see an attached Word document ...
DRIDEX is a banking Trojan that was first seen in 2011 and is still in the wild to this day. It was created from the source code of the BUGAT banking Trojan, also known as CRIDEX. This malware arrives in a system as an email attachment or in some...
An email poses as a customer statement for a payment due. The sender asks the receiver to send a payment to settle a December invoice. Once the user opens the attached document, a malicious mac...
We recently came across a spam email that poses as an invoice for a certain 'Penalty Charge Notice'. Should unsuspecting users open the .DOC file attached to the said spam email, the embedded ma...
A new wave of DRIDEX spam runs has been seen in the wild. Much like their predecessors, these recent spammed messages pose as invoices to lure users into opening the attachment. Once the attachment is opened, it executes the...
We spotted spam mail with the subject New Order, claiming that there's an attached invoice for a new order. The spam mail contains a .DOC file. When a user opens the said document, a macro embedded in the document tr...
Another fake online bill has been spotted, and the sample we found poses as being from a British telecommunications company. The spammed message deceives its recipients by making...
This malware is involved in the DRIDEX malspam campaign that was spotted in early November 2014. It poses as a Word document with malicious macro code that then downloads DRIDEX onto the affected system. Users affected by this malware may f...
This malware is related to the DRIDEX spam runs that used financial matters as its social engineering ploy. These spam emails have Word and Excel file documents which contain the macro that downloads DRIDEX. To get a one-glance comprehensive view of...
This spyware is one of the many DRIDEX variants that have been found in spam runs in November 2015. The said spam runs were observed after the takedown of a DRIDEX botnet. To get a one-glance comprehensive view of the behavior of this Spyware, refer ...
This malware is related to the DRIDEX spam runs that used financial matters as its social engineering ploy. These spam emails have Word and Excel file documents which contain the macro that downloads DRIDEX. To get a one-glance comprehensive view of...
This malware is related to the DRIDEX spam runs that used financial matters as its social engineering ploy. These spam emails have Word and Excel file documents which contain the macro that downloads DRIDEX. To get a one-glance comprehensive view of...
This spyware is one of the many DRIDEX variants that have been found in spam runs in November 2015. The said spam runs were observed after the takedown of a DRIDEX botnet. To get a one-glance comprehensive view of the behavior of this Trojan, refer t...
JavaScript downloaders, like JS_NEMUCOD variants, are making noise with their widespread distribution of malware such as ransomware and DRIDEX. These downloaders are usually found in spam as attachments. In late April ...
This malware is attached to spammed mail. It downloads other malware such as LOCKY ransomware and DRIDEX malware. This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded...
This information stealing malware arrives as spam spoofing an invoice or payment notification. If the user clicks the URL in the email, it executes a PowerShell command that downloads EMOTET. It then gathers information on the affected system and sen...
