What is Dyre malware?
Dyre is a banking Trojan that targets Windows computers and can steal banking and other credentials by attacking all three major web browsers (Internet Explorer, Chrome, and Firefox). Aside from stealing credentials, it can also be used to infect victims with other types of malware, such as adding them to spam botnets.
Dyre has reportedly been used in a succession of phishing campaigns across the globe, including attacks against major brand names such as the Royal Bank of Scotland, Citigroup, JPMorgan Chase and Bank of America.
It is one of the most sophisticated pieces of crimeware in existence.
How does it work?
Dyre malware attempts to steal sensitive user information, particularly banking information, by intercepting this information when it is passed between your web browser and the target website.
Once it infects a host machine, Dyre malware replicates and sends itself out to everyone in your contact list. Anyone that gets infected in turn sends out an entirely new variant. Dyre is mainly spread using spam emails. In most cases, the emails masquerade as businesses documents, voicemail, or fax messages.
What is so special about Dyre malware?
If the victim clicks on an email’s attachment, they are redirected to a malicious website which will install the Upatre downloader on their computer. The account takeover attempt can be so fast that the victim can still be navigating the fake website after the criminal completed the money transfer to a mule account.
Sometimes, if the target didn't enter their banking passwords into the fake web page, the hackers would call them directly over Skype, pretending to be the bank and encouraging them to hand over login information.
Recently added data collection capabilities allow the Trojan to gather information regarding the infected PC’s browser, cookies, certificates and OS attributes.
How to prevent Dyre from infecting my PC?
It is very difficult to fight Dyre attacks with traditional fraud controls such as antivirus, authentication, statistical risk engines and device IDs - usually even ineffective.
These controls were made to stop the previous generation of threats and were never designed to combat today’s sophisticated malware attacks. Antivirus software, which relies on identifying known malware signatures, was never designed to detect a fast-evolving Trojan such as Dyre, which sometimes releases a new binary code version every three days.
The best thing to do is to install protection on time so you could be protected from the start.
Does Zemana protect me from it?
Yes, it does. If you are looking for a solution to detect or to protect you from Dyre, you need to install an antimalware security software or a software that offers anti-keylogging protection. Additional layers of protection such as our Zemana AntiMalware or Zemana AntiLogger do no rely on traditional malware signatures.
Due to their behavioral characteristics, they are designed to block all kinds of suspicious activities on users’ PC. This way, they are very successful in fighting zero-day malware.
You can download Zemana AntiLogger for free (it comes with 15-days free trial). It will detect any type of malware on your PC and remove it.
However, if you decide to continue using the Trial and do not wish to purchase the Premium subscription at the end of the trial, your Zemana AntiLogger program will disable premium features. All other (basic) features will remain unchanged.
Zemana AntiLogger as a Dyre removal tool for your PC
If you are looking for a solution that will help you in removing Dyre, download our Zemana AntiLogger, that will provide you with necessary Secure SSL and Keystroke Logging Protection. It is important to note that Zemana AntiLogger is compatible with any antivirus software that you might have on your PC and will run alongside it without any conflicts.
Below you can find a guide on how to detect and remove Dyre with Zemana AntiLogger.
- STEP 1: Download Zemana AntiLogger here.
- STEP 2: Once downloaded, install the software on your PC. You can do this by double-clicking on ZAL program icon on your desktop or in your downloaded files.
- STEP 3: Press the "Scan" button.
- STEP 4: When the scan is complete, click "Next".
- STEP 5: Restart your computer if you are prompted to do so.