Elbit Systems’ CYBERBIT has uncovered Dridex malware’s persistency mechanism, allowing organizations to detect and remove the malware.
The analysis was revealed by CYBERBIT’s malware research the Dridex malware, fully revealing its infection process and persistency mechanism. Part of Dridex’ robustness is attributed to its ability to constantly generate new variants for each attack, thus going undetected under AV engines.
CYBERBIT’s malware research team which analyze malwares and security threats managed to reveal Dridex’ persistency mechanism, which allows it to remain uncovered and undetected due to its unique mode of operation.
Since its appearance in late 2014, Dridex has been one of the most notable malware threats, designed to steal personal banking information and credentials mostly from small and medium-sized organizations.
Dridex malware attacks are said to be responsible for the theft of over $50 million, out of which $30 million was stolen from UK accounts alone. The criminal forces behind Dridex are believed to have links to similar cybercrime gangs.
CYBERBIT suspects that such criminal organizations experience from previous activities are those that allow Dridex authors and affiliates to keep their infrastructure alive and to stay active and dangerous.
CYBERBIT will present and demonstrate its detection of advanced threats capabilities at the CYBERTECH 2016 Exhibition January 26-27, 2016 at the Israel Trade Fair and Convention Center.
CYBERBIT’s products collect and analyze information in greater depth and context over time and space and provide ad-hoc forensics and response capabilities, for both IT and SCADA networks, while assuring minimum time for mitigation, remediation and response.