Dridex and Locky, two prolific malware families that made waves in 2016 after being distributed in several high-volume spam campaigns, have returned after a brief hiatus. FireEye observed a decline in the volume of Dridex and Locky in the latter half of 2016, but we recently observed two new large campaigns. While the PDF downloader described in this post is responsible for spreading both Dridex and Locky, for the purposes of this Read more...
Entries filed under 'Robert Venal'
Threat Research Blog
FireEye posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. These blog posts cover everything from exploits and vulnerabilities, to advanced malware and targeted attacks.
Dridex and Locky Return Via PDF Attachments in Latest Campaigns
May 4, 2017 12:30 PM By Swapnil Patil, Robert Venal, Yin Hong Chang, Sudeep Singh | Advanced MalwareStop Scanning My Macro
March 21, 2016 8:30 AM By Robert Venal, Ronghwa Chong, Rex Plantado | Advanced MalwareCybercriminals continue to innovate, finding creative ways of making threats harder to detect using static signatures. A recent strategy involves two large Dridex campaigns that changed the attachment file type and location to avoid scanners.
Read more...Dridex Botnet Resumes Spam Operations After the Holidays
January 29, 2016 8:00 AM By Robert Venal | BotnetsThe Dridex botnet appeared to have slowed down during the 2015 holiday season but the prolific botnet has appeared again since January 1 and appears to be picking up momentum.
Holiday Season 2015 Email Campaign
January 25, 2016 8:00 AM By Mary Grace Timcang, Rex Plantado, Robert Venal, Joonho Sa | Advanced MalwareWe take an in-depth look at the most prominent malware families delivered via email campaigns throughout the 2015 holiday season.
Read more...
Sign up for email update
Get information and insight on today's advanced threats from the leader in advanced threat prevention.
