Russian authorities in November raided offices associated with a Moscow film distribution and production company as part of a crackdown on one of the world’s most notorious financial hacking operations, according to three sources with knowledge of the matter.
Cybersecurity experts said a password-stealing software program known as Dyre — believed to be responsible for at least tens of millions of dollars in losses at financial institutions including Bank of America Corp and JPMorgan Chase & Co — has not been deployed since the time of the raid. Experts familiar with the situation said the case represents Russia’s biggest effort to date to crack down on cyber-crime.
Salesforce.com is warning its customers that the Dyreza banker Trojan is now believed to be targeting some of the company’s users.
The Trojan, which has the ability to bypass SSL, typically goes after customers of major banks, but seems to be expanding its reach. Dyreza is relatively new among the banker Trojan crowd and it hasn’t had the reach or effect of older bankers such as Carberp or Zeus. But it has some interesting capabilities that make it troublesome. The malware installs itself on a victim’s machine after a user clicks on a malicious attachment in a spam message. Once on the machine, Dyreza reaches out to a C2 server and waits for the victim to visit a targeted banking site.