Salesforce.com is warning its customers that the Dyreza banker Trojan is now believed to be targeting some of the company’s users.
The Trojan, which has the ability to bypass SSL, typically goes after customers of major banks, but seems to be expanding its reach. Dyreza is relatively new among the banker Trojan crowd and it hasn’t had the reach or effect of older bankers such as Carberp or Zeus. But it has some interesting capabilities that make it troublesome. The malware installs itself on a victim’s machine after a user clicks on a malicious attachment in a spam message. Once on the machine, Dyreza reaches out to a C2 server and waits for the victim to visit a targeted banking site.Read more