View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 20, 2014

Banking malware targets Adobe products

Reader and Acrobat bug facilitates man in the middle attacks.

By Jimmy Nicholls

Dyreza malware is exploiting old flaws in Adobe products to steal banking credentials and bitcoins, according to security firm Trend Micro.

Both Reader and Acrobat are said to be affected by the attacks, allowing hackers to enact man in the middle (MiTM) attacks and monitor online banking sessions, among other things.

Rika Joi Gregorio, threat response engineer at Trend Micro, said: "Cybercriminals and threat actors often use tried and tested vulnerabilities in order to infect user systems and consequently, penetrate an enterprise network.

"This highlights the importance of patching systems and keeping software and applications up to date."

Hackers use spam messages masquerading as an invoice to infiltrate victims’ systems, with a malicious PDF file hiding an executable that downloads a variant of the Dyreza malware.

As well as financial information crooks can also use the malware to gain personally identifiable information used in identity fraud and browser snapshots of user credentials, and can capture the victim’s location.

"While this is not the first instance that scammers and cybercriminals target bitcoins, this new attack highlights how traditional threats like exploits and banking malware remain to be a relevant means for cybercriminals to steal both user credentials and hit a relatively new platform – bitcoins," Gregorio added.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU