The Department of Homeland Security's US-CERT team is the latest entity to alert users of attacks spreading credential-stealing malware Dyre.
In a Monday announcement, US-CERT said that, since mid-October, a phishing campaign has targeted “a wide variety of recipients." While “elements of the phishing campaign vary from target to target” – such as the exploits, email themes, and claimed senders – the end result is the same, the alert said.
“A system infected with Dyre banking malware will attempt to harvest credentials for online services, include banking services,” the alert continued. US-CERT included phishing email characteristics, such as misspelled email subjects like “unpaid invoic,” and indicators of successful exploitation in its alert.
Last week, Trend Micro and ThreatTrack Security warned of Dyre attacks targeting users running vulnerable versions of Adobe Reader and Acrobat with the goal of stealing bitcoin wallet site credentials.