Wednesday, 1 July 2015

Hacked Routers Used To Distribute Malware Dyre

Cyber criminals hacked routers to distribute the Dyre-malware, as discovered and reported Bryan Campbell , security researcher at Fujitsu. Dyre , also known as Dyreza, is a Trojan specifically designed to steal money from online bank accounts.

Be emails with infected e-mail attachments used for the distribution of Dyre. Annexes instance pose as an invoice, but is actually the Upatre downloader that eventually install the Dyre Trojan on the computer. Once active Dyre will the browser (Internet Explorer, Google Chrome or Firefox) and hijack login information for online banking returned to the criminals. Then the malware installs a spam module on the computer and will use it to send new e-mails.

Campbell found that Dyre used to install the "payload" hacked routers. It is Ubiquiti Networks routers that use the operating system airos. Besides these routers would also routers manufacturer MicroTiK, running on RouterOS, are the target. The researcher makes on his own blog know that making the Dyre instances that he studied with many hacked airos routers connection. The routers are probably using known vulnerabilities or default credentials hijacked.

No comments:

Post a Comment