The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

Introduction:

Dridex, also known as Cridex or Bugat, is a banking Trojan that has been active since 2011. The malware is primarily used to steal sensitive information, such as login credentials and financial information, from victims. Dridex is known for its ability to evade detection by using dynamic configuration files and hiding its servers behind proxy layers.

Dridex typically spreads through spam email campaigns: the emails carry a malicious attachment or link that, when opened, installs the malware on the victim's computer. Once installed, the malware uses web injections to steal financial information from the victim.

One of the interesting features of Dridex is its use of a peer-to-peer (P2P) network for command and control (C&C) communication. This allows the attackers to evade detection by security researchers and law enforcement, as the C&C servers can be quickly changed if one is discovered.

In terms of atomic techniques, Dridex uses a variety of methods to evade detection and maintain persistence on an infected system:

Fileless infection: Dridex can infect a system without leaving any trace of a malicious file on the hard drive.

Process hollowing: Dridex can inject its code into a legitimate process in order to evade detection by security software, so that the malicious code runs under the name and on-disk image of a trusted executable.
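Process hollowing leaves a measurable inconsistency: after the payload has been written over the suspended host process, the PE header visible in memory no longer matches the header of the executable on disk. The following Python is an added example, not code from the original post or from any Dridex analysis tool. It parses the header fields a hollowing detector typically compares (AddressOfEntryPoint, ImageBase, SizeOfImage, the section table, and any writable-and-executable section) and reports the discrepancies. The `build_minimal_pe` helper, the section layouts, and the "on disk" versus "in memory" samples are constructed for the example; a real detector would read the image file from disk and the bytes at the process's PEB image base instead.

```python
"""Report process-hollowing indicators by diffing a PE header as found on disk
against the header mapped in process memory.  Example code; the sample images
below are constructed, not captured from a real process."""
import struct
from dataclasses import dataclass

IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000


@dataclass
class Section:
    name: str
    virtual_size: int
    virtual_address: int
    characteristics: int


@dataclass
class PEInfo:
    entry_point: int
    image_base: int
    size_of_image: int
    sections: list


def parse_pe(image: bytes) -> PEInfo:
    """Parse the header fields that hollowing usually disturbs (PE32 and PE32+)."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, n_sections, _, _, _, opt_size, _chars = struct.unpack_from("<HHIIIHH", image, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", image, opt)[0]
    entry_point = struct.unpack_from("<I", image, opt + 16)[0]
    if magic == 0x20B:          # PE32+: 8-byte ImageBase at offset 24
        image_base = struct.unpack_from("<Q", image, opt + 24)[0]
    elif magic == 0x10B:        # PE32: BaseOfData at 24, 4-byte ImageBase at 28
        image_base = struct.unpack_from("<I", image, opt + 28)[0]
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    size_of_image = struct.unpack_from("<I", image, opt + 56)[0]
    table = opt + opt_size      # section table follows the optional header
    sections = []
    for i in range(n_sections):
        name, vsize, vaddr, _, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", image, table + 40 * i)
        sections.append(Section(name.rstrip(b"\0").decode("ascii", "replace"), vsize, vaddr, chars))
    return PEInfo(entry_point, image_base, size_of_image, sections)


def build_minimal_pe(entry_point: int, image_base: int, sections) -> bytes:
    """Construct a header-only PE32+ image (DOS header, NT headers, section table) for testing."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 240              # PE32+ optional header with 16 data directories
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, opt_size, 0x22)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 16, entry_point)
    struct.pack_into("<Q", opt, 24, image_base)
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)     # SectionAlignment, FileAlignment
    end = max(s.virtual_address + s.virtual_size for s in sections)
    struct.pack_into("<I", opt, 56, (end + 0xFFF) & ~0xFFF)   # SizeOfImage, page-rounded
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", s.name.encode("ascii").ljust(8, b"\0"),
                    s.virtual_size, s.virtual_address, 0, 0, 0, 0, 0, 0, s.characteristics)
        for s in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


def find_hollowing_indicators(on_disk: bytes, in_memory: bytes) -> list:
    """Return human-readable findings; an empty list means the headers agree."""
    disk = parse_pe(on_disk)
    try:
        mem = parse_pe(in_memory)
    except ValueError as exc:
        # Wiped or overwritten headers are themselves an indicator, not a parse error.
        return [f"in-memory PE header unparsable ({exc}); headers may have been wiped"]
    findings = []
    if disk.entry_point != mem.entry_point:
        findings.append(f"AddressOfEntryPoint differs: disk {disk.entry_point:#x}, memory {mem.entry_point:#x}")
    if disk.image_base != mem.image_base:
        findings.append(f"ImageBase differs: disk {disk.image_base:#x}, memory {mem.image_base:#x}")
    if disk.size_of_image != mem.size_of_image:
        findings.append(f"SizeOfImage differs: disk {disk.size_of_image:#x}, memory {mem.size_of_image:#x}")
    disk_names = [s.name for s in disk.sections]
    mem_names = [s.name for s in mem.sections]
    if disk_names != mem_names:
        findings.append(f"section table differs: disk {disk_names}, memory {mem_names}")
    else:
        for d, m in zip(disk.sections, mem.sections):
            if (d.virtual_address, d.virtual_size, d.characteristics) != \
               (m.virtual_address, m.virtual_size, m.characteristics):
                findings.append(f"section {d.name} layout or characteristics differ")
    rwx = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
    for s in mem.sections:
        if s.characteristics & rwx == rwx:
            findings.append(f"section {s.name} in memory is writable and executable")
    return findings


# Constructed samples: a benign host image as it sits on disk, and the header a
# hollowed payload left behind at the same base (different entry point, one RWX section).
ON_DISK = build_minimal_pe(0x1234, 0x140000000, [
    Section(".text", 0x2000, 0x1000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    Section(".data", 0x800, 0x3000, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
])
IN_MEMORY = build_minimal_pe(0x5000, 0x140000000, [
    Section(".text", 0x6000, 0x1000,
            IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
])

if __name__ == "__main__":
    for finding in find_hollowing_indicators(ON_DISK, IN_MEMORY):
        print(finding)
```

Two caveats when using this pattern against live processes. The Windows loader does not rewrite the header's ImageBase field when it relocates an image, so a mismatch there is a strong signal rather than ASLR noise; the actual load address should instead be taken from the PEB and cross-checked against the memory region's file backing. Conversely, some loaders deliberately wipe the in-memory headers after mapping a payload, which is why the function treats an unparsable in-memory header as a finding rather than as an error.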