Same Cyber-Gang Behind Dridex, Locky and CryptoWall - How to, Technology and PC Security Forum

Same Cyber-Gang Behind Dridex, Locky and CryptoWall

News broke that the gang behind the Dridex banking trojan is also behind other well-known malware families. The gang initially distributed CryptoWall, but that was only the beginning: according to researchers at Palo Alto Networks, the same criminals are also the operators of the Locky ransomware.

Locky is not just any other piece of malware. It has now reached its third variant, which appends the .odin extension to encrypted files, and it is reported to infect on a massive scale (over 90 thousand victims per 24 hours). On top of that, the ransom demanded is high, estimated at approximately 1 Bitcoin.

The cyber-gang behind Dridex, believed to operate out of Russia, is most likely the biggest one active at the moment. It has generated enormous profits up to this point and has the resources to keep developing its ransomware families and spreading them massively.

Researchers at KnowBe4 also reported that the Dridex spam infrastructure is sending out millions of malicious e-mails carrying archived attachments (.zip, .rar). The archives contain .js files, which Windows runs with Windows Script Host when the victim double-clicks them, and which then download and install malware such as Locky.

The Dridex trojan itself is an evolved version of an older Trojan horse, Cridex. It was created mainly to harvest online banking credentials from infected computers and send them to remote servers. It became so widespread because it was delivered through malicious macros concealed in documents posing as important business paperwork, such as invoices and confirmation letters.

Attacks by Dridex slowly declined after Microsoft tightened macro security: Office does not run macros by default, and Office 2016 gained a Group Policy setting that blocks macros in documents downloaded from the Internet.
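The two lures described above, archives that carry a .js downloader and Office documents that carry a VBA macro project, can both be triaged at a mail gateway with only the Python standard library, because Office Open XML documents (.docm, .xlsm) are themselves zip containers whose macros live in a vbaProject.bin part. The following is an added example, not code from SensorsTechForum, Palo Alto Networks or KnowBe4; the file names, extension list and sample attachments are constructed for illustration and contain no real malware. It inspects only zip-based containers: .rar archives and legacy OLE2 .doc/.xls files are flagged as not inspected, since they need a rar library or olefile/oletools.

```python
"""Mail-gateway attachment triage for the Dridex/Locky lures described above.

Added example (not the page's or any vendor's code). Stdlib only; the
sample attachments at the bottom are constructed in memory."""
import io
import zipfile

# Extensions that Windows Script Host or the shell execute on double-click.
# Assumption: this list is illustrative, not exhaustive.
SCRIPT_EXTENSIONS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".hta", ".exe", ".scr"}
# Office Open XML parts that hold a VBA project (Word, Excel, PowerPoint).
OOXML_MACRO_PARTS = ("word/vbaProject.bin", "xl/vbaProject.bin", "ppt/vbaProject.bin")
# Containers this stdlib-only triage cannot open; report them rather than pass them.
UNINSPECTED_EXTENSIONS = {".rar": "needs an unrar-backed library",
                          ".doc": "legacy OLE2, needs olefile/oletools",
                          ".xls": "legacy OLE2, needs olefile/oletools"}


def _suffix(name: str) -> str:
    # Last extension, lowercased, so "Invoice.pdf.js" is treated as ".js".
    dot = name.rfind(".")
    return name[dot:].lower() if dot != -1 else ""


def triage_attachment(filename: str, data: bytes) -> list[str]:
    """Return a list of findings for one attachment; empty means nothing suspicious."""
    findings = []
    ext = _suffix(filename)
    if ext in SCRIPT_EXTENSIONS:
        findings.append(f"direct script attachment: {filename}")
    if ext in UNINSPECTED_EXTENSIONS:
        findings.append(f"not inspected: {filename} ({UNINSPECTED_EXTENSIONS[ext]})")
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return findings
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        # Case 1: archive attachment containing a script file (the Locky .js lure).
        for member in names:
            if _suffix(member) in SCRIPT_EXTENSIONS:
                findings.append(f"script inside archive: {filename} -> {member}")
        # Case 2: OOXML document with an embedded VBA project (the Dridex macro lure).
        for part in OOXML_MACRO_PARTS:
            if part in names:
                findings.append(f"VBA macro project in document: {filename} ({part})")
    return findings


def _make_zip(members: dict[str, bytes]) -> bytes:
    # Build a zip container in memory from a name -> content mapping.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()


# Constructed samples: a Locky-style archive with a (placeholder) JScript file,
# a macro-enabled invoice, and a clean .docx. None of this is real malware.
SAMPLES = {
    "invoice_2016.zip": _make_zip({"invoice_2016.js": b"// constructed placeholder\n"}),
    "Invoice_8832.docm": _make_zip({"[Content_Types].xml": b"<Types/>",
                                    "word/document.xml": b"<w:document/>",
                                    "word/vbaProject.bin": b"\xd0\xcf\x11\xe0placeholder"}),
    "letter.docx": _make_zip({"[Content_Types].xml": b"<Types/>",
                              "word/document.xml": b"<w:document/>"}),
}


def triage_all(samples: dict[str, bytes] = SAMPLES) -> dict[str, list[str]]:
    """Run triage over every sample and return filename -> findings."""
    return {name: triage_attachment(name, data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, findings in triage_all().items():
        print(name, "->", findings or "clean")
```

A clean .docx passes because it has no vbaProject.bin part, while a .docm with a VBA project and a .zip wrapping a .js file are both reported; in a real gateway the findings would feed a quarantine decision rather than just a print.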

The bottom line is that the Dridex gang is a very well-organized criminal ring, and this may not be the last we see of it. More threats from the gang are expected, since it clearly has the capability to spread them. It is not yet confirmed, but the gang may turn to RaaS (ransomware-as-a-service) schemes, which would let affiliates take the risk of distributing the malware while the gang keeps developing it.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated in Marketing as well, Ventsislav also has a passion for discovering new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecurity and is a strong believer in basic education of every user towards online safety.
