Dyre Wolf is a new malware based on the banking-focused Trojan Dyre that is capable of raiding the bank accounts of enterprises for over $1 million with every attack.
IBM Managed Security Service's senior threat researcher John Kuhn said that Dyre is operated by a cybercrime syndicate, and that it is now being used to attack corporate accounts through the incorporation of sophisticated social engineering tactics.
While the usual banking-focused Trojan targets individual accounts, the Dyre Wolf focuses on corporations. While Dyre has always been used to launch attacks against big companies, the Dyre Wolf is specifically targeted against organizations that often carry out wire transfers of large amounts of money.
Dyre begins infiltrating an organization through Outlook e-mails sent to employees with attachments that claim to be package tracking notifications or fax messages. However, the attachment is actually Upatre, software that is designed to download the dreaded Dyre.
Once the Trojan has been downloaded, Dyre will look to spread to other employees through Outlook. Dyre then monitors affected users to wait until they log on to a bank website that Dyre is programmed to monitor.
Once the employee attempts to log on to the bank website, Dyre will show a message that states the account is undergoing issues, and that the user should call the phone number that is provided in the message.
Users that call up the phone number speak to a real person, not an automated message. The person is in fact part of the Dyre Wolf attack, and will know the company that the caller is working for. The person then dupes the employee while making a money order from the account of the company. Then while the money is being transferred through several banks in order to hide its trail, the website of the company will receive a distributed denial of service attack, which will keep the security and IT personnel of the company busy.
There have been many other similar attacks against businesses that exploit the ignorance of employees, and despite companies loading up on security software and initiating security training, the presence of such employees can always be counted on by attackers such as those perpetrating the Dyre Wolf attack.
According to the IBM Cyber Security Intelligence Index, 95 percent of attacks carried out on organizations is made possible due to human error, underscoring the fact that a company's employees is its weakest link when it comes to cybersecurity.