Be aware the banking trojan virus

Dridex malware
  


Dridex is a strain of banking malware that leverages in microsoft office to infected system. Once a computer has been infected by this then infection begins start. Dridex attacker can steal banking credentials and other personal information of the system to gain access to the financial recored of user. It's distributed by spam email through an email attachment the most common ways.
The target of this malware are windows user who open email attachment or word and excel file cause macro is active and download the dridex malware.
This malware install keyboard listener for bank information and performs the injection attacks. The main objective of this malware is to steal bank information. Dridex attack had been detected more then 20 countries.
Once the user opens the attachment, Dridex malware is installed. Users must enable macros in order for the malicious documents to work, and the some of the documents contain instructions on how to do just that. 
The attacker group behind this attack has used every single type of spam attack and malware propagation vector; from simple malware attachments, links in the message body that point to an exploit kit landing page, malicious PDF attachments and document macros, etc.
What happen when user executed this threat on their system ??
When user executed this threat then attacker can perform the following action :-

- Upload files
- Download files
- Executed files
- Monitor network traffic
- Taking browser screenshot.
- Add the compromised computer to a botnet
- Download and execute additional files
- Inject itself into browser processes for Internet Explorer, Chrome, and Firefox  in order to monitor communications and steal information. 


What can I do to stay safe?

The guidance for protecting against a Dridex infection is the same as most other malware attacks. Windows users should ensure they have an up-to-date antivirus program running on their computer, which should be able to intercept the infected attachments before they are seen. Users should also be careful of opening attachments sent from unauthorized email addresses, particularly
[in this instance]  Word and Excel files; and they should disable macros in Microsoft Office,  or at least set them to request permission before they run.




Comments