People active in the world of security will have heard of the Dridex malware before, which is a Trojan designed to infiltrate banking infrastructure. But it looks like Dridex is evolving, as it can now be deployed to steal payment card data as well. Malware keeps evolving over time, and people who have been dealing with Bitcoin ransomware in the past will know that all too well.
Dridex Malware Evolves And Spreads Ransomware
As if a banking Trojan is not unpleasant enough to deal with on its own, things get even more worrying when security researchers discover this malware is evolving. In fact, some analysts are lead to believe the Dridex malware is under “new management”, as the software seems to have taken on a slightly different set of skills all of a sudden.
Based on a recent report by Spanish security vendor Buguroo, the current version of Dridex is no longer interested in hijacking online banking sessions. Even though this seems to be a lucrative business for internet criminals, transferring money from a victim’s account to a fraudulent bank account is no longer the primary goal.
Instead, Dridex is deliberately trying to steal credit card information, by using an Automatic Transfer System mechanism. But that is not the only change, as the malware is now openly targeting users from all over the world, including Latin America and Africa. This is a noteworthy change from previous iterations of this malware, which were designed to attack English-speaking users.
But if that was not worrying enough, it turns out Dridex is also responsible for the distribution of the Locky ransomware. It is not the first time Bitcoin ransomware is spread through other exploit kits, but it is one of the first instances where banking and credit card malware ventures into the Bitcoin world.
There is no denying internet criminals are stepping up their game, and the tools they use are evolving at a scary pace as of late. Major cyber groups are coming up with new and creative ways to attack as many enterprises and consumers with one attack wave as they possibly can. Combining a mobile banking hijacker with credit card theft and spreading Bitcoin ransomware is one potent combination to wreak havoc all over the world.
What are your thoughts on this Dridex malware evolution? Will bitcoin ransomware become even more appealing to internet criminals now? Let us know in the comments below!
Source: Dark Reading
Images courtesy of Shutterstock, Cisco