New Malware Targets Organizations That Wire Funds

Cybersecurity researchers have been tracking a network system malware called Dyre Wolf. The latest version uses both malware and social engineering to target businesses that wire-transfer large amounts of money.
Security experts have found that the malware goes undetected by many of the anti-virus programs used by organizations as a first line of defense.
The attack starts with large-scale phishing emails that try to fool the user into clicking on a link and installing the Dyre Wolf malware. When the infected victim tries to access a bank website, the victim instead sees a message stating that the website is experiencing problems and asking the user to call a given phone number.
What is shocking is that the Dyre Wolf malware is created to track hundreds of banking websites, yet supplies only one phone number for the victims to call. When the victim calls the number, the attackers somehow know which bank they are trying to access. The victim is then tricked into supplying their organization’s banking credentials. Within minutes of the phone conversation, the criminals have successfully wired the money to themselves.
The Dyre campaign is constantly evolving and seems to remain one step ahead of cyber defenses. Its success is demonstrated by the more than $1 million lost to this malware, which further emphasizes an organization’s need for protection. Dan Goodin, “Dyre Wolf malware steals more than $1 million, bypasses 2FA protection” (Apr. 3, 2015).
To avoid being trapped by this malware, look up the institution's phone number yourself and do not rely on the number in the email. Call the financial institution, ask whether its website is down, and ask it to confirm whether the number you are viewing is one of its numbers. Finally, never provide your banking details over the phone, especially if requested by an online message.
Cybercriminals are becoming increasingly sophisticated in the way they execute their attacks, and organizations must stay vigilant to the varying ways their systems can be infected. Human error accounts for most data breaches, and the Dyre Wolf attack is an example of how these attacks rely on user negligence.
Employees who manage financial transactions or use wire transfers for payroll or other expenses must be trained to recognize phishing emails and question any request for banking credentials.
Because of the seriousness of the threat, organizations may want to consider strict policies on the disclosure of sensitive banking information, requiring employees to verify credential requests before fulfilling them. Employers should also have written procedures for reporting any suspicious online operations, and train employees on how and when to use those procedures.
