New Year, New Look - Dridex via Compromised FTP

Forcepoint Security Labs have recently observed a peculiar email campaign distributing a variant of the Dridex banking trojan. The campaign used compromised FTP sites instead of the more usual HTTP link as download locations for malicious documents, exposing the credentials of the compromised FTP sites in the process.

Dridex in the Shadows - Blacklisting, Stealth, and Crypto-Currency

Dridex has drastically reduced in volume throughout 2016. Actors now appear to prefer crypto-ransomware such as Locky over the infamous banking trojan. However, Dridex is still being actively developed. Here at Forcepoint Security Labs we have seen a number of changes and improvements over the last few months.

Locky Ransomware - Encrypts Documents, Databases, Code, BitCoin Wallets and More...

A new ransomware named Locky has emerged recently.  Locky is distributed in a manner similar to that of Dridex botnets 120 and 220. This new ransomware uses 128-bit AES encryption and has a domain generation algorithm (DGA). It is also capable of encrypting SQL databases, source code, BitCoin wallets and more.

Dridex Down Under