One fine day, 20 million UK pounds were stolen from UK banks, without any weapons or hostages. Interestingly, none of the robbers had any supernatural powers, yet the banks faced one of the largest attacks in the history of the planet. The attackers were soon identified as highly sophisticated and intelligent computer hackers who had built an extremely technologically advanced virus, one that bypassed million-dollar cyber security controls. The name of the virus was “Dridex”. So far Dridex has caused $100 million in damages to banks worldwide, and only one attacker has been arrested.

First discovered by security researchers in November 2014, Dridex hogged the headlines following a global crackdown on its authors, who allegedly named themselves “Evil Corp”. The crackdown was led by Britain’s National Crime Agency and America’s Federal Bureau of Investigation. Only one arrest had been made: Andrey Ghinkul, a 30-year-old Moldovan living in Cyprus, who allegedly ran the network that permitted Dridex to communicate safely and securely with its owners.

Unlike the scores of other viruses known as “worms”, Dridex never spreads by itself. Rather, the victim has to be specifically targeted by the virus’s creators with the initial infection email. Nevertheless, a research report from Fujitsu showed the creators were making use of a database of 385 million email addresses to send the initial strikes, and said that the targets were widespread.

This is how the attack works: the target receives an email with a Microsoft Word or Excel document attached. The document contains a payload that downloads the virus known as 'Dridex', which is designed to target online financial data. The emails lure victims into opening the attachment by using the names of genuine companies situated in the U.K. Some of the emails refer to an 'attached invoice' and claim to come from a software company, online merchant or financial institution.

As soon as the individual opens the attachment, the Dridex virus is installed. The cybercriminal group behind this attack has used every kind of spam attack and malware propagation vector: plain virus attachments, hyperlinks in the message body that redirect to an exploit kit landing page, malicious PDF attachments, document macros, and so on.

After installation, Dridex has a good deal of control over the user’s PC. It can upload, download and run programs, and it can snoop on internet browsing both by inspecting network traffic directly and by taking screenshots of the web browser window. The virus also adds the computer to the broader Dridex “botnet”, which allows its controllers to communicate with the affected computer through other infected machines, shielding the controllers from law enforcement.

Then it stays on the infected PC, waiting to grab logins to high-value services and banking information, which is the primary target of the attack. It also keeps a close watch for other sign-in credentials, such as those for social media.

Shielding oneself against a Dridex infection is not too different from protecting oneself against other virus attacks. Windows users would be wise to ensure they have an up-to-date antivirus application running on their computer, one capable of intercepting the infected attachments before they can be opened.

Users should be careful about opening attachments sent from unrecognised email addresses, especially (in this instance) Word and Excel files. They should also turn off macros in Microsoft Office, or at least set them to ask for authorization before they are run.
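
As an added example (not part of the original article), the following Python code shows the kind of content check a mail filter can apply to the Word and Excel attachments described above: it flags files that carry a VBA macro project, judging by the file's contents rather than its name alone. The function names, verdict labels and sample files are assumptions constructed for illustration.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container
MACRO_EXTENSIONS = (".docm", ".xlsm", ".dotm", ".xltm", ".xlam")


def classify_attachment(filename: str, data: bytes) -> str:
    """Return 'macro', 'review' or 'clean' for an Office attachment."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary formats can carry macros whatever the extension;
        # confirming that needs an OLE parser, so route to manual review.
        return "review"
    if data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                parts = [p.lower() for p in archive.namelist()]
        except zipfile.BadZipFile:
            return "review"  # claims to be a zip but cannot be parsed
        # OOXML documents store their VBA project in a part
        # named vbaProject.bin.
        if any(p.endswith("vbaproject.bin") for p in parts):
            return "macro"
    # Fall back to the declared macro-enabled extensions.
    if filename.lower().endswith(MACRO_EXTENSIONS):
        return "macro"
    return "clean"


def build_sample(with_macro: bool) -> bytes:
    """Constructed sample: a minimal zip shaped like a Word document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("[Content_Types].xml", "<Types/>")
        archive.writestr("word/document.xml", "<document/>")
        if with_macro:
            archive.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for label, blob in (("invoice.docx", build_sample(False)),
                        ("invoice.doc", build_sample(True)),
                        ("invoice.xls", OLE2_MAGIC + bytes(16))):
        print(label, "->", classify_attachment(label, blob))
```

A "review" verdict means the file could not be cleared automatically and should be held for an analyst or a fuller parser rather than delivered.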