Dyre In-Depth: Server-Side Webinjects, I2P Evasion, and Sophisticated Encryption
- by nlqip
Dyre is one of the most sophisticated banking and commercial malware agents in the wild. This trojan uses fake login pages, server-side webinjects, and modular architecture to adapt to the victim. This in-depth report looks at the entire fraud flow and its capabilities.
Dyre is a relatively new banking Trojan, first seen at the beginning of 2014. It soon emerged as one of the most sophisticated pieces of banking and commercial malware in the wild. Although it mainly targets online banks, it steals other types of credentials as well. Dyre uses many new techniques, such as completely fake login pages, server-side webinjects, and a modular architecture. The level of sophistication and the constant upgrading of its capabilities suggest that it is here to stay.
Many have written about this new threat. However, few have succeeded in covering the entire fraud flow and all of its capabilities.
Like most other malware, Dyre spreads via phishing campaigns. The infection process has several stages. First, the victim receives an email, similar to the template above, containing an attachment. Once the victim opens the attachment, he or she unknowingly executes the “Upatre” malware downloader, which then downloads the actual Dyre malware and infects the machine with it. In the last stage, the malware uses a spamming tool to send similar emails and continue spreading.
Attackers use several methods to evade security solutions and researchers. Dyre constantly changes its “packing,” a technique for changing the binary code without changing its functionality, so that it is not detectable or readable.