Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Dyre malware takes inventory of software on infected systems

Dyre malware takes inventory of software on infected systems

2014/09/26

Securityweek - (International) Researchers from Proofpoint analyzed a new variant of the Dyre (also known as Dyreza) banking trojan and found that several new features were added to the malware, including the addition of its own SSL certification and a feature that enables hackers to collect cookies, client-side certificates, and private keys from an infected computer's Windows Certificate Store. The latest version of the trojan can also extract a list of installed programs and services from an infected computer to be by hackers to determine which vectors can be exploited in the future.

Source: http://www.securityweek.com/dyre-malware-takes-inventory-software-infected-systems

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:21:51