The Growing Threat of Dyre Financial Malware

by: Omri Toppol
Why Dyre Malware puts you at risk for online identity theft

This summer is off to an interesting start for the world of cybercrime. Two big things in particular happened recently: We saw the arrest of hundreds of cybercriminals, bringing to the forefront the fact that these types of criminals do sometimes, contrary to popular belief, get caught and punished. And, in the same week that some of the masterminds behind Zeus (one of the longest-living banking Trojans out there) were finally arrested, a new form of seriously powerful financial malware called Dyre surfaced.

There are some interesting things to consider regarding Dyre malware (also known as Dyreza). First of all, let’s recall a warning that was spreading around the web back in May about how our home routers can threaten our security and turn our computers into components of a massive botnet, among other things. It should be common knowledge by now that routers (and any device connected to the Internet, really) that are using default passwords pose a serious security risk. One of the most recent discoveries about the Dyre banking trojan is that it reaches victims through compromised home routers. These hacked routers turn the machines connected to them into part of a massive botnet that infects victims’ computers with Dyre malware and other harmful malware.

Why is Dyre such a big deal? Well, for starters, it appears to be quickly making its way to being the top financial malware threat, as powerful as, if not more powerful than, Zeus, the financial malware that preceded it. To put that into perspective, here’s some food for thought: Zeus has been around since 2007, and is said to have infected over three million PCs in the U.S. alone. That’s a lot of computers, and a lot of victims.

Second, financial malware like this is one of the nastiest types of malware out there. We recently wrote about the scary capabilities of financial malware (not every financial malware family has all of them, but Zeus did embody each of them, and Dyre malware probably does too). When combined, these capabilities, which go so far as changing the amount of money we see in our online bank account to hide the missing cash that’s been stolen from us, can do real damage.

Here are some more highlights about Dyre malware:

  • It’s mainly spread through spam emails with malicious attachments that might look like typical business documents.
  • It uses Man-in-the-Browser tactics to steal your login credentials—even while you’re typing them in.
  • It can infect your computer with other types of malware. Symantec has discovered seven other types of malware being spread through Dyre.

What should we take away from all of this? For starters, it’s more important than ever not to be lazy about our online security. That means taking measures we may not have considered before, like changing the default settings of our home routers. We also need to keep ourselves educated about malware and how our computers can get infected with it. (This article about Exploit Kits is helpful.) And, we should always be wary of any attachments from a fishy-looking email and any downloads from a fishy-seeming website, as these may be hackers’ keys to our machines.


Written by Omri Toppol

Omri is LogDog's marketing guy. He is passionate about technology, digital marketing and helping online users to stay safe and secure.
