Dridex Banking Trojan Evolves Into Bitcoin Ransomware Distributor

Jp Buntinx · April 9, 2016 · 8:23 am ·

Jp Buntinx · April 9, 2016 · 8:23 am

People active in the world of security will have heard of the Dridex malware before, which is a Trojan designed to infiltrate banking infrastructure. But it looks like Dridex is evolving, as it can now be deployed to steal payment card data as well. Malware keeps evolving over time, and people who have been dealing with Bitcoin ransomware in the past will know that all too well.

Also read: Custom WordPress.com Domains Finally Have HTTPS Encryption

Dridex Malware Evolves And Spreads Ransomware

As if a banking Trojan is not unpleasant enough to deal with on its own, things get even more worrying when security researchers discover this malware is evolving. In fact, some analysts are lead to believe the Dridex malware is under “new management”, as the software seems to have taken on a slightly different set of skills all of a sudden.

Based on a recent report by Spanish security vendor Buguroo, the current version of Dridex is no longer interested in hijacking online banking sessions. Even though this seems to be a lucrative business for internet criminals, transferring money from a victim’s account to a fraudulent bank account is no longer the primary goal.

Instead, Dridex is deliberately trying to steal credit card information, by using an Automatic Transfer System mechanism. But that is not the only change, as the malware is now openly targeting users from all over the world, including Latin America and Africa. This is a noteworthy change from previous iterations of this malware, which were designed to attack English-speaking users.

But if that was not worrying enough, it turns out Dridex is also responsible for the distribution of the Locky ransomware. It is not the first time Bitcoin ransomware is spread through other exploit kits, but it is one of the first instances where banking and credit card malware ventures into the Bitcoin world.

There is no denying internet criminals are stepping up their game, and the tools they use are evolving at a scary pace as of late. Major cyber groups are coming up with new and creative ways to attack as many enterprises and consumers with one attack wave as they possibly can. Combining a mobile banking hijacker with credit card theft and spreading Bitcoin ransomware is one potent combination to wreak havoc all over the world.

What are your thoughts on this Dridex malware evolution? Will bitcoin ransomware become even more appealing to internet criminals now? Let us know in the comments below!

Source: Dark Reading

Images courtesy of Shutterstock, Cisco

Banking Trojan Bitcoin Ransomware Buguroo Dridex Locky Malware Show comments

+
22/05 PayPal: We’ll ‘Definitely Support’ Bitcoin If It Becomes ‘Better Currency’
The CFO of PayPal defended the case for fiat merchant settlements Monday, telling mainstream media the company could nonetheless “definitely support” Bitcoin in the future. CFO Rainey Points Finger at Volatility Speaking to CNBC in an edition of the network’s Mad Money segment, John Rainey, PayPal’s CFO, claimed that volatility was the reason PayPal did not “see a lot of interest” from its merchants regarding cryptocurrency acceptance. Rainey told Mad Money host Jim Cramer: Because
Read More
+
22/05 John McAfee Says the Cryptocurrency Bull Rally is Near
John McAfee believes the march of the cryptocurrency bulls is at hand. The renowned tech activist and internet security expert has added his voice to the growing crypto institutional investment narrative. Prices Will Go Through the Roof In a tweet on Monday, McAfee urged traders to gear up for the next crypto price rally. He based his assertions on the influx of cash from institutional investors trooping into the market. He also said that with
Read More