The virus known as Dyre strikes over 1,000 banks, companies around the globe; targets Windows computers by hijacking the three most commonly used web browsers — Google Chrome, Firefox and Internet Explorer.
Dubai – A sophisticated new computer virus, which steals financial information poses an imminent threat to UAE bank customers, according to a cyber security expert from American technology company Symantec.
The virus known as Dyre targets Windows computers by hijacking the three most commonly used web browsers — Google Chrome, Firefox and Internet Explorer.
So far, Dyre has struck at more than 1,000 banks and companies around the globe, according to Symantec. While American and British institutions are the most targeted, 12 UAE banks have been targeted in the last year, resulting in nearly 400 attacks on local customers.
“Its main purpose is to steal banking credentials, such as details used to log into your bank account — user name, password, pin number. The basic things a bank uses to verify your identity,” explained Dick O’Brien, senior information develope, Symantec.
“It’s also used to deliver other forms of malware to a victim, for example add you to a ‘botnet’ that’s used to send out spam e-mails. It’s a multi-pronged threat.”
According to Symantec, Dyre is mainly spread through spam e-mails, often disguised as business-related attachments. Once the attachments are opened, a downloading tool is surreptitiously installed, which then collects intelligence on a victim and attempts to disable security software, before installing Dyre itself.
“There are a number of steps you can protect yourself. One of the main ones is to use good security software and keep it up to date, because that will detect Dyre or other similar threats,” O’Brien said.
“But also exercise caution when you receive e-mails. Be careful about opening them and also be careful about opening attachments. If something doesn’t look legitimate or doesn’t look right, you’re better off leaving it.”
O’Brien added that Symantec believes the criminals behind Dyre are located in Eastern Europe or Russia.
“We have a number of things to indicate in these areas. For example, the time-stamps on the software they develop is indicative of someone working during a working day in those areas. Their communications with their command and control servers spike in these times, and also a lot of their infrastructure seems to be located in these countries,” he said.
O’Brien also noted that the group behind Dyre is likely to be full-time, professional cyber criminals.
“I would say that the key players are career cyber criminals. They do these kind of job. It’s not a sideline for people working in other fields.”