Malware

Dyre

aka Dyreza

The Dyre Banking Trojan, discovered in June 2014, targets online banking websites for credential theft and fraud. It uses a man-in-the-browser approach and encryption, and is distributed through spam emails.

Dyre's architecture includes a dropper and a main DLL module, with techniques for persistence and evasion. Its command and control infrastructure is hidden behind proxies, and it can adapt using a domain generation algorithm and I2P integration. Researchers have linked Dyre to the Gozi and Neverquest families.


Family metadata imported from Malpedia (Fraunhofer FKIE).