Dyre is a sophisticated piece of malware, capable of hijacking all three major web browsers to intercept banking credentials.
Norton by Symantec has released new research on the Dyre Trojan, which is now configured to defraud customers of more than 1,000 banks and other companies worldwide. Following takedowns of the Gameover Zeus, Ramnit and Shylock operations, Dyre infections surged and attacks became more aggressive, making it the most dangerous financial Trojan. Notably,
Norton by Symantec found that in the UAE, 12 banks have been targeted over the last year, resulting in over 373 attacks against banking customers – meaning the UAE is in the top 30 countries in terms of infections. Based on the activity observed, the attackers adhere to a five-day work week during the UTC +2 or UTC +3 time zone, suggesting they operate out of Eastern Europe or Russia. Other than that the report also noted that financial institutions in the U.S. and U.K. are most targeted in order to defraud the customers that bank with them.
While financial gain is the primary motivation, Dyre is often used to download additional malware onto a victim’s machine and add them to a botnet.