dridex

About this tag
Dridex is a peer-to-peer (P2P) bank credential-stealing malware that targets Microsoft Windows systems. It uses a decentralized network of compromised computers and web servers for command-and-control (C2) operations. Dridex often spreads through obfuscated macros in Microsoft Office documents. This tag covers alerts and technical information from agencies like CISA, the FBI, and the Treasury Department, including indicators of compromise and mitigation guidance for financial sector and enterprise IT environments. Discussions focus on malware analysis, botnet infrastructure, and defensive measures against Dridex variants.
  1. News

    AA19-339A: Dridex Malware

    Original release date: December 5, 2019. Summary: This Alert is the result of recent collaboration between the Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) to identify and share...
  2. News

    TA15-286A: Dridex P2P Malware

    Original release date: October 13, 2015. Systems Affected: Microsoft Windows. Overview: Dridex, a peer-to-peer (P2P) bank credential-stealing malware, uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control (C2). The United...