Beware, new malware: As part of its preventive work to protect citizens from fraud carried out through the constantly changing forms of malicious software circulating on the Internet, the Electronic Crime Investigation Directorate informs citizens of the emergence of the "Dridex" malware.
More specifically, investigations by specialized police officers of the Electronic Crime Prosecution Directorate found that, in recent times, e-mail messages are being sent and circulated over the Internet that include a malicious attached file (usually in .doc, .xls or .pdf format) containing a macro.
In particular, the attached file purports to be an invoice or another type of accounting document and at first appears legitimate, in order to "trick" the recipient into opening it.
By default, macros are disabled in a "Word" document. However, when the attached document is opened, the user is asked whether they want to enable them; if they agree, the embedded malicious macro runs, the computer is infected and the Dridex virus is installed on it.
This malware has the ability to:
- intercept private data such as login details for bank accounts, electronic payment services, e-mail, FTP, social media, etc.,
- upload / download / execute files,
- monitor network traffic,
- take screenshots,
- removes the user's botnet permissions,
- communicate with servers to receive configuration files,
- affect processes such as Internet Explorer, Chrome and Firefox in order to monitor communications.
In this context, the Internet Crime Division recommends that Internet users:
a. not open e-mails whose source or content is not certain, especially if the attached files require macro activation. These files should be deleted immediately.
b. if possible, enable the macro-activation setting at the level of central management and Group Policy in an organization.
c. use antivirus software with real-time protection.
d. use appropriate spam filters, so that such messages, on which the spread of the "Dridex" virus relies, do not appear in the inbox or, if they do appear, their malicious content is completely blocked.
e. in case of suspected infection, immediately change all access codes, using another machine that is not infected, especially those for bank accounts, electronic payment services, social media, etc.
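
An added example (not part of the original advisory): a content-based check that a mail filter, as in recommendations a and d, could run on attachments to hold back Office files that carry a macro project. The sample file names and bytes are constructed; the legacy-format test is a byte-level heuristic, and PDF files are outside its scope.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # header of legacy .doc/.xls (OLE2) files
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # stream name stored in a VBA project


def macro_verdict(data: bytes) -> str:
    """Classify one attachment by content: 'macro', 'no-macro' or 'unknown'."""
    if data.startswith(OLE_MAGIC):
        # Heuristic: OLE2 directory names are UTF-16LE; no full container parse here.
        return "macro" if VBA_STREAM in data else "no-macro"
    if data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                members = [m.lower() for m in zf.namelist()]
        except zipfile.BadZipFile:
            return "unknown"
        if "[content_types].xml" not in members:
            return "unknown"          # a ZIP, but not an Office Open XML document
        has_vba = any(m.endswith("vbaproject.bin") for m in members)
        return "macro" if has_vba else "no-macro"
    return "unknown"                  # e.g. PDF: not covered by this check


def quarantine_list(attachments: dict) -> list:
    """Names of attachments that should be held back instead of delivered."""
    return sorted(n for n, d in attachments.items() if macro_verdict(d) == "macro")


def _ooxml(with_macro: bool) -> bytes:
    """Build a constructed, minimal OOXML-like ZIP in memory (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"\x00")
    return buf.getvalue()


# Constructed sample attachments; names and bytes are invented for this example.
SAMPLES = {
    "invoice_0042.doc": OLE_MAGIC + b"\x00" * 504 + VBA_STREAM,
    "price_list.xls": OLE_MAGIC + b"\x00" * 504,
    "statement.docm": _ooxml(with_macro=True),
    "minutes.docx": _ooxml(with_macro=False),
    "receipt.pdf": b"%PDF-1.4\n%%EOF\n",
}
```

The verdict depends on file content rather than on the extension, so a macro-bearing document renamed to .docx is still flagged.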
Citizens are reminded that, in any case, they can contact the Electronic Crime Prosecution Directorate, anonymously or by name, to report acts committed against them or to receive instructions and advice:
- By phone: 111 88
- By e-mail to: ccu@cybercrimeunit.gov.gr
- Through the smartphone application for iOS and Android: CYBERKID
- Via Twitter "SOS Cyber Alert Line": @cyberalert