Dyre - Security Intelligence

A white knight chess piece in the foreground with black pieces in the background.

article

Neverquest Gang Takes Leave — Is It the End of the Quest?

IBM X-Force researchers recently observed a massive drop in Neverquest malware campaigns. Is it the end of an era for this Trojan?

May 4, 2017 | By Limor Kessem

article

A piggy bank in the center of a dartboard.

article

TrickBot Is Hand-Picking Private Banks for Targets — With Redirection Attacks in Tow!

According to IBM X-Force Research, the operators of the infamous TrickBot Trojan have been hand-picking private banks to target with redirection attacks.

April 27, 2017 | By Limor Kessem

article

Singapore dollars on a computer keyboard.

article

Nǐ Hǎo TrickBot? Dyre Successor Spreads to Asia

The cybergang behind the TrickBot Trojan has moved into Singapore, targeting the many multinational corporations that operate in the region.

December 13, 2016 | By Limor Kessem

article

article

Tricks of the Trade: A Deeper Look Into TrickBot’s Machinations

Researchers discovered a new banking Trojan, TrickBot, that appears to borrow an uncommon webinjection technique from the infamous Dyre family of malware.

November 9, 2016 | By Lior Keshet

article

British currency on a computer keyboard.

article

An Aggressive Launch: TrickBot Trojan Rises With Redirection Attacks in the UK

IBM X-Force researchers reported that TrickBot is fully operational and already capable of deploying two of the most advanced browser manipulation methods.

November 8, 2016 | By Limor Kessem

article

TrickBot malware uses a custom crypter that has shown up in analysts of Cutwail and other malware families. Significantly, the Dyre Trojan also used the Cutwail spambot, suggesting that some original Dyre authors might be involved.

news

TrickBot Malware Resurrects the Ghost of Dyre

The authors of TrickBot malware appear to have rewritten the Dyre Trojan's code, leading researchers to suggest that the same developers might be involved.

October 18, 2016 | By Larry Loeb

news

The banking and financial industry is increasingly being targeted by cybercriminals on the hunt for cash — and lots of it. According to IBM research, they are even leveraging several sophisticated attack vectors in order to get rich.

article

The New Bank Heist: The Financial Industry’s Top Threats

The financial industry is plagued by a few main types of malware and cybercrime attacks, including Shellshock and denial-of-service attacks.

February 10, 2016 | By Scott Craig

article

With apparent assistance from Kaspersky Lab, Russian authorities successfully raided a downtown Moscow office with alleged connections to the criminal group behind the Dyre banking Trojan. This may clear the field for other Trojans to expand their reach.

article

Dyre Straits: Group Behind the Dyre Trojan Busted in Moscow?

Early reports indicate that the cybercrime gang behind the Dyre banking Trojan has been busted in Moscow by Russian authorities.

February 9, 2016 | By Limor Kessem

article

The Dridex banking Trojan is using redirection attacks, popularized by Dyre malware, to carry out fraudulent transactions via U.K. banks. The setup being used by the Trojan appears to target British businesses and other large accounts.

article

Dridex Launches Dyre-Like Attacks in UK, Intensifies Focus on Business Accounts

IBM X-Force researchers have been following new developments in the Dridex Trojan's attack methodologies and share intelligence in this alert.

January 19, 2016 | By Limor Kessem

article

2016 is poised to be yet another big year for cybercriminals, and they certainly prepared by improving malicious methods and attacks in 2015. We focused on a few big moments in cybercrime from the past year and recapped some of the biggest heists.

article

2015: Cybercrime’s Epic Year

2015 was an epic year for cybercrime. Take a look at some of the most notable attacks and developments from the past 12 months.

December 8, 2015 | By Limor Kessem

article

InterPlanetary Storm Malware Using IPFS P2P Network to Hide Its Activities

Threat Actors Use Targeted Attack Tools to Distribute Cryptocurrency Miners, Ransomware

XENOTIME Threat Group Now Targeting Electric Utility Organizations

Fraudsters Abuse Smartphone Google Calendar Feature to Push Through Scam Offers

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control

One Big Lesson From the Cyber Range to Help Solve Confirmation Bias

Observations of ITG07 Cyber Operations

Getting Quantum Ready and What This Means for Cryptography

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast: Travel Security: Why Data Safety Doesn’t Get a Day Off

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Webinar: Under the Radar: IBM QRadar Demo Series

Webinar: Appliance Networking Topics

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Tag: Dyre

Neverquest Gang Takes Leave — Is It the End of the Quest?

TrickBot Is Hand-Picking Private Banks for Targets — With Redirection Attacks in Tow!

Nǐ Hǎo TrickBot? Dyre Successor Spreads to Asia

Tricks of the Trade: A Deeper Look Into TrickBot’s Machinations

An Aggressive Launch: TrickBot Trojan Rises With Redirection Attacks in the UK

TrickBot Malware Resurrects the Ghost of Dyre

The New Bank Heist: The Financial Industry’s Top Threats

Dyre Straits: Group Behind the Dyre Trojan Busted in Moscow?

Dridex Launches Dyre-Like Attacks in UK, Intensifies Focus on Business Accounts

2015: Cybercrime’s Epic Year