Maturing malware makes money matters mayhem

By Dave Neal


Windows 10 adoption could increase the scale of a banking Trojan

BY ZEUS, A VIRULENT BANKING TROJAN has been updated so that it supports financial mayhem on the freshly baked Windows 10 operating system and its accompanying Microsoft Edge browser.

Microsoft reckons that Windows 10 is installed on over 100 million machines, and this suggests prime pickings for people who deploy banking trojans, not to mention the fact that most people will still be getting used to the software and its services and features.

The newest addition to the Windows 10 spectrum is a variant of the Zeus banking malware known as Dyreza. It is related to Dyre, a threat that we reported on earlier this year.

The warning at the time was that as many as one in 20 online banking users could be exposed to the threat, and things look as bad this time around. Heimdal Security said in a blog post that the malware has been strengthened in scale and capability.

Dyreza gets knocked down, but it gets up again. https://t.co/dWIPxas4dN @AndraZaharia
— Security B-Sides YYC (@bsidesyyc) November 18, 2015

"The info-stealer malware now includes support for Windows 10. This new variant can also hook to Microsoft Edge to collect data and then send it to malicious servers," said the post.

"Moreover, the new Dyreza variant kills a series of processes linked to endpoint security software in order to make its infiltration in the system faster and more effective."

The threat already has a footprint, and the people behind it have increased it. Heimdal said that, once Dyreza is done with your bank account, it will move you into position on a botnet. The firm estimates that this botnet is currently 80,000-strong.

"By adding support for Windows 10, the Dyreza malware creators have cleared their way to growing the number of infected PCs in their botnet. This financial trojan doesn't only drain the infected computers of valuable data, it binds them into botnets," said Heimdal.