Dridex Botnet targets the U.S, U.K and France

The year 2015 has seen a string of cyber crimes right from malware attacks to hacker groups breaching sensitive data from major MNCs. We are reaching the end of the year and the attacks never seem to cease. The latest attack is from a botnet called Dridex which targets financial credentials. The botnet has struck computers in the U.S., U.K. and France.

Sometimes called as Cridex or Bugat, Dridex botnet is an advanced malware that collects financial login details and other personal information that can be used to drain bank accounts.

Security vendor Trend Micro noticed the Dridex activity after the U.S. Department of Justice said last month it had significantly disrupted it in a joint action with the U.K. Trend has seen multiple spam campaigns sending out malicious attachments, such as Excel or Word documents, that could install Dridex, wrote Ryan Flores, a threat research manager. The spam emails use social engineering to try to get people to open purported invoices, unpaid bills, receipts or financial statements, he wrote.

The botnet can be hired out by other cybercriminals who want to compromise computers. Those campaigns are identified by codes. Trend Micro noticed codes used in recent spam runs that were also seen as far back as Oct. 14. "This development further validates previous findings that the Dridex botnet was not totally taken down," he wrote.

“The top countries targeted by Dridex spam are the U.S, U.K., France and Australia”, Trend said.

After the department of justice announcement, Dridex activity fell in September but picked up again in early October as noticed by Palo Alto Networks. Botnets can be difficult to eradicate. Even if network resources used by the cybercriminals are taken offline, they often set up new infrastructures to begin compromising computers again.

The DOJ accused Andrey Ghinkul, 30, of being the administrator of the Dridex. Ghinkul was arrested on Aug. 28 in Cyprus, and the U.S. is seeking his extradition to face a nine-count indictment in the U.S. District Court for the Western District of Pennsylvania.