This week, Proofpoint researchers observed the now infamous “man-in-the-browser” (MITB) banking malware Dyre experimenting with new ways to deliver spam attachments. These innovations included two significant changes in Dyre behavior:
Proofpoint data shows which malware benefited from the recent pause in Dridex campaigns.
In what is likely to be a short-lived cessation in Dridex campaigns while the criminal proponents behind that malware scramble to find a new delivery channel, it appears as though other malware purveyors may be positioning themselves to take additional market share of the lucrative crimeware aren
Within the last week, the now infamous “man-in-the-browser” (MITB) banking malware Dyreza appears to have significantly expanded its target set of entities from which to steal credentials.
Earlier this year, researchers published analyses of a targeted attack known as Operation Arid Viper (aka Desert Falcons, aka DHS) directed primarily at organizations in the Middle East.
Proofpoint researchers recently observed a campaign targeting telecom and military in Russia. Beginning in July 2015 (and possibly earlier), the attack continued into August and is currently ongoing.
What happens when threat actors overload an exploit kit? Proofpoint researchers open the door of a malware clown car.
Proofpoint threat researchers analyze a new exploit kit priced to bring flexible malware delivery to cost-conscious cybercriminals.