The infamous DYRE banking malware is on the rise again, after related infections increased 125 per cent in the first quarter of 2015.
A new variant of the malware is behind the recent spike in infections, with spam emails being the primarily method used to spread the malicious attachment.
Internet security firm Trend Micro found that DYRE infections have increased globally from approximately 4,000 in the last three months of 2014 to 9,000 at the start of 2015. Europe, the Middle East and Africa saw an increase of 39 per cent, while infections in North America rose by 38 per cent. Asia Pacific nations also experienced an increase of 19 per cent.
The UK was the fourth most affected country in Europe, accounting for nine per cent of European infection and three per cent worldwide.
The growth has been driven by a renewed effort on the part of email spammers, and a modified version of DYRE, dubbed TSPY_DYRE.IK. The UPATRE downloader that is used to spread the malware has also been adapted to disable firewalls and other security measures, making it easier for the DYRE strain to be passed on.
Bharat Mistry, cyber security consultant at Trend Micro, explained that cybercriminals are using increasingly sophisticated methods to target individuals and businesses.
“As more users turn to Internet banking, cybercriminals are also focusing their attention on easy targets for the bigger payout”, he said. “The quality of the applications and security controls on mobile platforms are still maturing and cybercriminals are seeing these as ‘easy pickings’. The criminals carrying out this latest string of attacks are using numerous sophisticated techniques. The resulting banking credentials theft is the focus and is ultimately what is used to illicitly transfer money from victims’ accounts.”
Email users are inundated with spam messages on a daily basis, so the best way of avoiding malicious downloads is to remain vigilant, scrutinise emails before opening and have a robust anti-malware software package in place.