US-CERT Warns Dyre Malware Used in Phishing Attacks
From Security Week
The Dyre malware is back to doing what it does well – targeting online bankers and stealing their user credentials in a new phishing campaign. According to US-CERT (United States Computer Emergency Readiness Team), which is under the Department of Homeland Security, the malware is spreading via malicious PDF attachments that take advantage of unpatched versions of Adobe Reader. Specifically, the attackers are targeting CVE-2013-2729 and CVE-2010-0188.
“Historically, banking Trojans were used to steal account credentials of banking customers but now sensitive business data is being stolen from companies in the healthcare industry, retail, software industry and others,” Don Jackson, director of threat intelligence at PhishLabs, blogged recently.
“Malicious software developers are seeking access to organizational systems and operating systems to steal data that would aid in identity theft for purposes of committing fraud. Attackers remain patient and persistent; evolving the tools, harvesting the data and attacking when it is unexpected.”