We’ve all had that moment, those unwanted pop-ups and advertisements on your computer that make you suddenly realise “I’ve got a virus”. It’s one of the things we tend to think happens to others but it can happen to anybody and with the internet it’s easier and easier to spread malicious software, or malware, around the world. One piece in particular has reappeared, this time targeting your online banking experience.
Dridex has made several appearances before, such as when the NCA estimated its cost to the UK was around £20 million. IBM’s X-force have found a more recent version of the malware and it features a whole new trick up its sleeve. By targeting something known as the DNS (Domain Name Service), instead of getting redirected to your banks website, Dridex will now send you to a fake site. From there, users enter their details believing everything to be okay, only to have then handed over their login details to the malware.
The issue with this is that you can be on the “right” website, the page looks normal, the web address is correct and everything else that makes you trust the site, but suddenly its only when you’ve logged in that you realise there is nothing right about the site.
13 of the U.K’s largest banks have had their websites replicated, which may not seem like many but if you count how many times people check their bank accounts online, even taking a few pounds from each of them could quickly reach millions.
The malware is spread through several ways, one of the most common being a manipulated Office document. As a result we remind our readers that attachments are like candy, never accept them from strangers and if you are not expecting them, be extra careful!