More Than $1 Million Stolen Using Banking Malware – Dyre Wolf

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

An active campaign using a variant of the Dyre malware has successfully stolen over $1 million from a variety of targeted enterprise organizations using spear phishing emails, malware and social engineering tricks.

The campaign, named “The Dyre Wolf” by IBM Security researchers, shows a brazen twist from the once-simple Dyre malware by adding sophisticated social engineering tactics likely to circumvent two-factor authentication,according to a blog post.

The organizations have lost between $500,000 and $1.5 million each to attackers—and the malware infection rate continues to increase.

How it works :

This campaign highlights the fact that organizations are only as strong as their weakest link, and in this case, it’s their employees. IBM’s Cyber Security Intelligence Index indicated 95 percent of all attacks involved some type of human error.

How to protect against the Dyre Wolf Attack :

  • Organizations should train its employees on security best practices.
  • Conduct periodic mock phishing exercises where employees receive emails or attachments that simulate a malicious behavior. Then using that findings, discuss the growing security threats with them.
  • Provide security trainings to its employees in order to help understand threats and measures they can take to protect their organization.
  • Regular reminders on phishing and spam campaigns should be provided to employees in order to prevent them to open any suspicious attachments or links.
  • As the banks never ask for banking credentials, employees should be trained to never provide this information to anyone.

 

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply