Dridex banking malware mysteriously hijacked to distribute antivirus program

Users tricked by spam messages to open malicious Word documents that distribute the Dridex online banking Trojan might have a surprise: they’ll get a free anitivirus program instead.

That’s because an unknown person — possibly a white hat hacker — gained access to some of the servers that cybercriminals use to distribute the Dridex Trojan and replaced it with an installer for Avira Free Antivirus.

Dridex is one of the three most widely used computer Trojans that target online banking users. Last year, law enforcement authorities from the U.S. and U.K. attempted to disrupt the botnet and indicted a man from Moldova who is believed to be responsible for some of the attacks.

To read this article in full or to leave a comment, please click here