On the 15th of October, the US FBI and NCA (in the UK) arrested a key figure behind a banking scam responsible for the theft of tens of millions of dollars. The group, reportedly operating out of Eastern Europe, used Dridex malware to harvest banking credentials from individuals and businesses around the world, with the US, Japan and Germany sustaining the highest number of infections, followed closely by the UK, Canada and Australia.
Symantec has full details about the Dridex malware on its blog, including how it works and how to prevent infection.
Dridex is one of many financial Trojans in operation. And, while Symantec observed a 53 percent decline in financial Trojans in 2014 — largely due to takedowns and arrests — attackers continue to shift to new platforms to reach their targets. Notably:
- The nine most targeted financial institutions were attacked by over 40 percent of Trojans.
- Stolen bank accounts often sell for 5-10 percent of their balance value on the black market.