Dridex, also known as Cridex or Bugat, is a banking Trojan that has been active since 2011. The malware is primarily used to steal sensitive information, such as login credentials and financial information, from victims. Dridex is known for its ability to evade detection by using dynamic configuration files and hiding its servers behind proxy layers.
It seems that once again bad actors have found a new way to infect our devices with malware. This time, they are using a devious little trick to spread trojanized versions of popular chat apps Telegram and WhatsApp. Now, I am sure you are all familiar with these apps – they are hugely popular for communication and messaging, with millions of users around the world. And unfortunately, that is exactly what makes them such an attractive target for cybercriminals.
Ransomware is a type of malware that is designed to take your system or files on your system hostage. The basic concept behind ransomware is pretty simple. An attacker prepares a payload that infiltrates a computer’s hard drive and encrypts the files in it.
Since March 2nd, 2023, intelligence from the Egress Intelligent Email Security platform shows Emotet malware being used within Microsoft OneNote attachments, as cybercriminals evolve their attacks in attempts to avoid detection. Emotet is sophisticated malware primarily used for stealing sensitive information, such as credentials, from the machines it infects.
A report from Palo Alto Networks’ Unit 42 found that data theft extortion occurred in 70% of ransomware attacks in 2022, compared to 40% in 2021. The researchers examined the four most common methods of cyber extortion (encryption, data theft, harassment, and DDoS attacks) noting that threat actors often combine these tactics within a single attack campaign.
According to the AV-TEST Institute, more than 1 billion strains of malware have been created, and more than 500,00 new pieces of malware are detected every day. One of the main reasons for this rapid growth is that malware creators frequently reuse source code. They modify existing malware to meet the specific objectives of an attack campaign or to avoid signature-based detection.