The Department of Electronic Crime warns: beware of a dangerous e-mail
The Cyber Crime Unit has been put on alert after the emergence of a new virus, which "settles" in the computer and monitors everything!
The dangerous virus, codenamed «Dridex Malware», can intercept private data such as login details for bank accounts and electronic payment services, and login data for e-mail, social media, etc.
Investigations by the Electronic Crime Division have established that e-mail messages have recently been circulating on the Internet with a malicious attachment (usually of the form .doc, .xls, .pdf) that contains a macro.
The attached file is presented as an invoice or other accounting document that at first appears legitimate, in order to "fool" the recipient into opening it.
By default, macros are disabled in a «Word» document. However, on opening the attached document the user is asked whether to enable them; if the user agrees, the embedded malicious macro runs, the computer is infected and the «Dridex» virus is installed.
What does «Dridex» do?
According to the notice of the Department of Electronic Crime:
Uploads / downloads / executes files
Monitors network traffic
Takes snapshots of the screen (screenshots)
Removes the user's administrator rights over the computer (botnet)
Communicates with servers to receive configuration files
It generally affects processes such as Internet Explorer, Chrome and Firefox in order to monitor communications.
The Electronic Crime Division recommends that internet users:
a. Do not open e-mails whose origin or content is uncertain, especially if the attachments require you to enable macros. These files should be deleted immediately.
b. In an organization, where possible, disable the ability to enable macros through central management of the operating system configuration (Group Policy).
c. Use anti-virus software with real-time protection.
d. Use suitable spam filters, so that messages of this type, on which the spread of the «Dridex» virus relies, do not appear among incoming messages or, if they do appear, their malicious content is blocked completely.
e. If infection is suspected, immediately change all passwords from another, uninfected machine, especially those for bank accounts, electronic payment services, social media, etc.