Enterprise bank accounts targeted in new malware attack

IBM has identified a new targeted attack, called Dyre Wolf, that has already bilked organizations of untold sums of money

How companies are targeted by Dyre Wolf

How companies are targeted by Dyre Wolf

A combination of new malware and old-fashioned social engineering has been used to rob companies of more than US$1 million, according to a new study from IBM.

The attacks, dubbed "Dyre Wolf" by IBM, suggests the work of experienced online criminals brazenly attempting to rip off large organizations.

"As we continue to see, cybercriminals grow in resourcefulness and productivity at alarming rates. They are sharing expertise on a global scale via the deep Web and launching carefully planned, long-term attacks to attain the highest return on investment," wrote John Kuhn, IBM senior threat researcher, in a blog post co-authored with fellow IBM researcher Lance Mueller.

Dyre Wolf uses a variant of Dyre, which is malware written to target the websites of hundreds of banks..

"Since its start in 2014, Dyre has evolved to become simultaneously sophisticated and easy to use, enabling cybercriminals to go for the bigger payout," Kuhn wrote. An organized but as-of-yet unidentified group of attackers also rely on talking to users by phone, in order to bypass the two-factor authentication most organizations have put in place to thwart online attacks

Since October, IBM has seen a spike in the infection rate of Dyre on corporate networks, spiking from 500 instances to nearly 3,500. It estimates that anywhere from $500,000 to $1.5 million has been lost through Dyre-based attacks

IBM posted a paper outlining in detail how the attack works.

A user is tricked into installing the Dyer software on the machine by the usual means, perhaps by clicking on a malicious e-mail attachment.

The installed program remains silent until a user attempts to log onto a bank website recognized by Dyre. At that point, a Web page will pop up explaining the site is experiencing technical difficulties and that the user should call the help center to gain access.

The attackers are sophisticated enough to rig the software so that when the user calls, the attackers answer the phone posing as a representative from the bank. They then trick the user into giving up the password. By the time the phone call is finished, money is already transferred out of the enterprise's account and is rapidly moving across different banks around the globe to evade detection.

IBM has estimated that 95 percent of all corporate attacks rely on some form of human error.

Most employees have already been trained not to click on unknown documents received by e-mail, as well as to not give up passwords over the phone. A single inattentive user, however, could result in the loss of large sums of money.

To guard against Dyre Wolf, security professionals should reinforce company best practices that should already be in place. Employees should be reminded that banks never ask for passwords and that they should report any suspicious behavior. An organization may also wish to carry out mock-attacks to ensure that employees are fully trained on how to handle such incidents, Kuhn said.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags IBMsecuritymalware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Joab Jackson

IDG News Service
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?