Hey Dridex, Tu Runā Latviski?
Has Dridex been brushing up on its Latvian? Or
perhaps its written Estonian skills? Maybe it’s preparing a long overseas stay
requiring offshore banking accounts in the Cayman Islands? Recent Dridex
configurations analyzed by IBM X-Force reveal that the new wave of Dridex
attacks is resilient and more complex than your average malware campaign.
Following several quiet months, a spike in renewed
activity suggests the gang operating Dridex is picking up speed with precision
and planning.
Unlikely Targets
According to IBM X-Force Research, Dridex
configurations from the past two months are replete with a hefty count of
targets in some of the more commonly targeted countries, such as the U.S.,
U.K., Canada and Australia. However, the Trojan is also targeting some less
charted territories, such as Lithuania, Latvia, Estonia, Lebanon and Ukraine,
to name a few. This is quite uncommon for any banking Trojan.
Per its configuration files, Dridex currently
targets over 20 Latvian banks, three banks in Estonia, three in Lithuania and
one in Ukraine, among its other uncommon choices of late.
This Dridex post was part of my work with IBM X-Force.
Read the complete post here.