How Does Dridex Hide Friends?

During an incident, CERT Sekoia investigated fraudulent money transfers. These transfers were made from a French firm's account to other bank accounts based in different places in Europe. The fraud has been valued at 800 000 euros.

Initially, the bank of the French firm indicted an accountant officer of this firm for making these transfers. The transactions were made using a 2FA authentication process.

CERT Sekoia has demonstrated that the accountant officer’s computer was compromised and that this computer was certainly used to perform these transfers.

The compromise occurred in two stages:

  • First, Dridex arrived on the computer.
  • Second, Dridex was used to download another piece of malware (a RAT).
Alexandra Toussaint

Paul Rascagnères

Malware analyst at G DATA