View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 26, 2015

UK targeted as Dridex banking Trojan bounces back

News: Return comes just weeks after security services reduced botnet's power.

By Charlotte Henry

The Dridex banking Trojan appears to have come back from the dead, just a few weeks after the National Crime Agency said it had successfully managed to severely limit its power, working alongside US authorities.

Ryan Flores, of cyber security firm Trend Micro, who also worked on the initial investigation, said in blogpost: "Dridex is steadily regaining its footing in the US."

The UK is also a top target of Dridex related spam, with 14% of its spam messages coming to the UK, compared to 23% in the US. UK losses due to Dridex have been put at £20m.

Although the National Crime Agency’s National Cyber Crime Unit managed to takedown a large percentage of the botnet, which primarily goes after financial institutions, Trend Micro said they had continued to monitor it and had noticed a return.

"We are seeing multiple Dridex-related spam runs, most of which are using social engineering lures that involve financial matters such as an invoice, an unpaid bill, a financial statement, current credit balance, or receipt."

An NCA spokesperson said: "The international activity undertaken in October was part of a sustained and ongoing campaign targeting multiple versions of Dridex and the cyber criminals behind them. Those involved in serious organised crime will always seek to adapt to protect profitable ventures, and the NCA continues to work closely with our international partners to target cyber crime threats including malicious software."

Flores also said that researchers had noticed new variants within the attack code. "We are still checking if these new variants can send email, which would, in effect, bring the entire infection chain for Dridex full circle," he said.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.