The Department of Homeland Security formally sounded the alarm on Dyre, the banking Trojan that’s been spotted siphoning banking credentials from both large enterprises and major financial institutions as of late. 

The warning came in the form of an alert informing the public of the malware, which is spread through spam and phishing emails. Phishing emails peddling Dyre are now using malicious PDF attachments that leverage vulnerabilities to download the malware. Once it’s downloaded, it captures user login information and sends that on to attackers. Experts are encouraging users to use caution when it comes to opening attachments.