Researchers analyze Dyre sample with new features

Discussion in 'malware problems & news' started by Minimalist, Sep 27, 2014.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,056
    http://www.scmagazine.com/experts-discover-new-features-in-dyre-malware/article/373968/
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    I still wonder how to protect against data stealing malware. The only way is probably with file/folder protection, but would be cool if HIPS could do this out of the box, instead of having to make the rules yourself. :)

    From the article:

    "This Dyre variant uses a feature called ‘browsersnapshot' to collect cookies, client-side certificates, and private keys stored in browsers, Epstein said. Even if the malware does not intercept an active session, it may have enough information to allow an attacker to impersonate the browser identity and authenticate as the user, he explained."
     
    Last edited: Sep 28, 2014
  3. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
Loading...