Tuesday, October 28, 2014

Dridex Spreading via Word Docs "Banking Malware"

Cybercriminals using the Dridex banking Trojan to steal sensitive information from Internet users have changed the way they are distributing the malware, according to researchers from Palo Alto Networks.

Dridex, which is a successor of the Cridex/Feodo/Geodo Trojans, was first spotted in July. The threat is used by cybercriminals to obtain the information they need for fraudulent bank transactions.

Until recently, Dridex was mostly distributed via executable files attached to spam emails. However, researchers at Palo Alto Networks noticed that cybercriminals have started delivering the threat with the aid of macros placed inside innocent-looking Microsoft Word documents.