Baltic, Banks, Security, Technology

 "According to IBM X-Force Research, Dridex configurations from the past two months are replete with a hefty count of targets in some more common countries, such as the U.S., U.K., Canada and Australia. However, the Trojan is targeting some less charted territories as well, such as Lithuania, Latvia, Estonia, Lebanon and Ukraine, to name a few. This is quite uncommon for any banking Trojan," Limor Kessem, cyber intelligence expert at IBM Security, said on the SecurityIntelligence.com website.

"Per its configuration files, Dridex currently targets over 20 Latvian banks, three banks in Estonia, three in Lithuania and one in Ukraine, among its other uncommon choices of late," Kessem said.

Dridex is a banking malware that sports multiple information theft routines to steal online banking information - one of these routines being the ability to 'inject' malicious code into certain websites that the affected user is currently viewing, the computer security company Symantec says in an overview of Dridex on its website.

It can also violate the privacy of its victims, as the login credentials stolen may also lead to the user's other online accounts, such as social media, being broken into and/or hijacked. The screenshots taken may also inadvertently expose more of the user's personal information.

In a typical attack, the victim gets an email with a Microsoft Word or Excel document attached. The document includes a payload that downloads malware, which is designed to target online banking information. The attacks lure the victims to open the attachment by using the names of legitimate companies, while some of the emails refer to an 'attached invoice' by stating it comes from a software company, online retailer or bank.