
Same Cyber-Gang Behind Dridex, Locky and CryptoWall

News broke that the gang behind the devastating Dridex banking malware is reportedly also behind other well-known malware families. The gang initially began by distributing CryptoWall, but this was just the beginning. According to Palo Alto Networks, researchers claim that the same cyber-criminals are also behind Locky ransomware.

The Locky ransomware is not just another virus. It has now reached a third variant, which uses the .odin file extension, and it is also reported to cause infections on a massive scale (over 90 thousand per 24 hours). In addition, the ransom was reported to be quite high, estimated at approximately 1 Bitcoin.

The cyber-gang behind Dridex, believed to originate from Russia, is most likely the biggest one at the moment. It has generated unimaginable profits up to this point, and it has the resources to keep developing its ransomware viruses and spreading them massively.

Researchers at KnowBe4 also reported that Dridex malware spam campaigns have been sending out millions of malicious emails containing archived files (.zip, .rar) as e-mail attachments. These archives contain .js files and spread malware such as Locky.
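A mail-gateway style check for the delivery pattern described above (archive attachments that carry script files), added here as an illustration and not taken from the original article or from any vendor tool. The function names, the sample message and the script extensions beyond .js are assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

SCRIPT_EXTS = (".js", ".jse", ".wsf", ".vbs")  # assumed list; the article names only .js
ARCHIVE_EXTS = (".zip", ".rar")                # archive types named in the article


def scan_message(raw: bytes) -> list[tuple[str, str]]:
    """Return (attachment, finding) pairs for archives that carry script files."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(ARCHIVE_EXTS):
            continue
        data = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(data)):
            # .rar or a corrupt .zip: the standard library cannot list its members
            findings.append((name, "archive not inspectable, quarantine for review"))
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for member in zf.namelist():
                if member.lower().endswith(SCRIPT_EXTS):
                    findings.append((name, f"script inside archive: {member}"))
    return findings


def build_sample() -> bytes:
    """Constructed test message: a zip attachment holding a harmless .js file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice_0423.js", "// constructed placeholder, no payload")
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Invoice"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice_0423.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    for attachment, finding in scan_message(build_sample()):
        print(attachment, "->", finding)
```

Archives that cannot be listed are reported rather than passed, so a .rar attachment is held for review instead of being treated as clean.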

The Dridex trojan itself is an evolved version of another Trojan horse known as Cridex. This type of malware was mainly created to target bank account information on infected computers and extract it to remote servers. The trojan became so widespread because it was concealed within macros of important documents such as invoices, confirmation letters and others.

Attacks by Dridex have slowly declined since Microsoft increased its security measures by disabling files that contain macros.

The bottom line is that the Dridex gang is a very well organized criminal ring, and this may not be all we see from it. More threats from the gang are expected in the future, since it definitely has the capability to spread them. It is not yet confirmed, but the gang may focus on RaaS (ransomware-as-a-service) schemes, since this would allow other affiliates to take the risk while distributing its malware.

Ventsislav Krastev

Ventsislav has been a cybersecurity expert at SensorsTechForum since 2015. He has been researching and covering the latest malware infections, helping victims, and testing and reviewing software and the newest tech developments. Having also graduated in Marketing, Ventsislav has a passion for learning about new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecurity industry and is a strong believer in the education of every user towards online safety and security.
