Cridex is a sophisticated strain of banking malware that can steal banking credentials and other personal information on an infected system in order to gain access to the financial records of a user.
The Cridex Trojan Horse spreads by copying itself to mapped and removable drives on infected computers. Cridex creates a backdoor entry point on infected systems, enabling the possibility for additional malware to be downloaded and run as well as conduct operations such as opening rogue websites.
This latter capability enables Cridex to capture the banking credentials of users on an infected system when the user attempts to visit and log into a financial web site. Cridex will surreptitiously redirect the user to a fraudulent version of the financial site and record the login credentials as they are entered.
At that point, Cridex gives the cybercriminal the ability to connect to the actual financial site from the infected system and execute fraudulent financial transactions.
Cridex’s Evolution from the GameOver Zeus Malware
Cridex was first discovered and identified in January 2012, and subsequent variants have also been referred to as Bugat and Feodo. The Cridex Trojan itself features many aspects of the GameOver Zeus (GOZ) malware, evolving from the GOZ malware as a way of conducting fraudulent financial transactions.
A new form of malware based on Cridex, known as Dridex, emerged in late 2014 and quickly spread via a spam e-mail campaign that initially generated 15,000 e-mails pet day.
- Web Scale IT (Web SCale Infrastructure)
Web-scale IT is the phrase used to reference a global-class of computing — or architectural approach — used to deliver the capabilities of large cloud service providers within an enterprise IT setting. The approach is to design, build and manage data center infrastructure where capabilities go beyond scale in terms of size to include scale […]
- Dridex Malware
Dridex is a strain of banking malware that leverages macros in Microsoft Office to infect systems. Once a computer has been infected, Dridex attackers can steal banking credentials and other personal information on the system to gain access to the financial records of a user. Dridex operates by first arriving on a user’s computer as […]
- Windows 10
Windows 10 is the latest release of Microsoft’s Windows operating system and the successor to the underwhelming Windows 8 (and Windows 8.1). Initially codenamed Windows Threshold, Windows 10 debuted on July 29, 2015, following a “technical preview” beta release of the new operating system that arrived in Fall 2014 and a “consumer preview” beta in […]
- Office Sway
Microsoft Office Sway is a new application in the Office Suite that provides a cloud-based, touch-enabled toolset for creating interactive documents. Office Sway is in many ways an evolution of Microsoft’s Word document and PowerPoint presentations applications, adding interactive, mobile-friendly capabilities to the traditionally static documents and presentations created by these apps. Microsoft Office Sway […]
- OpenStack Nova
OpenStack Nova is a component within the OpenStack open source cloud computing platform developed to provide on-demand access to compute resources by provisioning and managing large networks of virtual machines (VMs). Also known as OpenStack Compute, Nova offers “massively” scalable, on-demand, self-service access to compute resources such as virtual machines, containers and bare metal servers. […]