
How does the banking Trojan Dyreza exploit Windows 10?

A variant of banking Trojan Dyreza has begun to target Windows 10. Expert Nick Lewis explains the new attack functionalities, and Windows 10 and user vulnerabilities.

A recent report claims the banking Trojan Dyreza has returned, and the new variant has features that target Windows 10. What's different about Dyreza this time around, and how does it attack Windows 10?

Malware targeting Windows 10, or any version of Windows for that matter, shouldn't surprise anyone. While Windows 10 might still be only a small part of the Windows ecosystem, its presence is only going to grow, making it a larger target. Windows 10 has undergone many security improvements, including the ability to manage installed software in the same way smartphone app stores do. The app store functionality, however, is something an enterprise can optionally enable, so some of the same vulnerabilities as before will still exist, such as a user accidentally installing malware if they have administrative access or the ability to install software outside of the app store.

Dyreza is similar to the Zeus malware and has much of the same functionality, targeting online banking services in more than just the U.S. Dyreza exploits the same vulnerabilities that malware has been abusing for 20 years or more. It starts with a spam email, often riddled with spelling and grammar mistakes, telling the recipient to open an attachment or visit a certain URL. The attachment or URL delivers the initial downloader malware to the system so the rest of the malware can be installed. Once installed, the malware starts capturing banking information and sending it to the attacker's command-and-control servers. The updated Dyreza now also has functionality for disabling endpoint security software, and it can target Microsoft's new web browser, Edge.


This was last published in April 2016
