Dridex banking trojan ranks top on malware list

May 9, 2020

One of the leading security companies has published its Global Threat Index for March 2020. XMRig takes first place among the top malware families, having affected 5% of organizations globally. Second on the list is Jsecoin, which impacted 4%, followed by the Dridex banking trojan, which affected 3% of organizations worldwide.

XMRig was first seen in the wild back in May 2017; it is open-source CPU mining software that is used to mine the Monero cryptocurrency. It is a legitimate program that is being abused by hackers to mine coins on an infected computer without the permission of the owner. This infection uses the entire CPU’s processing power, which results in general slowness of the infected computer: games run slower, videos stutter, and programs won’t launch quickly. Victims may be infected by unknowingly downloading a trojanized version of the XMRig CPU Miner through adware bundles or trojans that download the said infection onto the system.

Jsecoin is also a cryptocurrency miner, but unlike XMRig, it is web-based and executes when a user visits a webpage. Jsecoin injects code written in JavaScript to mine for coins. Victims who visit a page that was injected will automatically have a large amount of their processing power used for mining a cryptocurrency.

Dridex, which is also known as Bugat or Cridex, has been around for quite some time now. It is malware that specializes in stealing banking information using macros from Microsoft Office. This malware targets Windows users and is propagated through spam emails that include a malicious Excel file to infect computers and steal banking information. Dridex has been used by scammers over the past decade and has been developed and improved ever since.

This malware first appeared in 2011 and became a significant financial threat. Back in 2017, it was reported that this ever-evolving malware was targeting several European countries.

Fast forward to today, in 2020, Dridex is now being used in the early stages of targeted ransomware attacks, as a downloader. Given its sophistication and continuous evolution, it’s no surprise that it landed a spot on the list for the first time.

This only shows how lucrative malware can be. That’s why individuals must always be wary of emails with attachments, even when they appear to come from a trusted source.

With the current crisis that we are all experiencing, most organizations have shifted to working from home, making employees more vulnerable to these kinds of attacks. An organization must always inform and educate its employees on how to identify spam and make sure to safeguard all of its data systems to avoid falling victim to these attacks.
