The Dyre banking Trojan made its first debut in June 2014, targeting large financial institutions across the globe. In September, PhishLabs’ R.A.I.D (Research, Analysis, and Intelligence Division) observed a number of enhancements to the banking Trojan that further increases the danger of the threat.
Banking Trojans Expand Beyond Financial Targets
The most recent attack utilizing the Dyre Trojan targeted the cloud computing company, Salesforce.com. Historically, banking Trojans were used to steal account credentials of banking customers but now sensitive business data is being stolen from companies in the healthcare industry, retail, software industry and others. Malicious software developers are seeking access to organizational systems and operating systems to steal data that would aid in identity theft for purposes of committing fraud. Attackers remain patient and persistent; evolving the tools, harvesting the data and attacking when it is unexpected.