Credential Stealing Trojan Updated For Windows 10

This post is also available in: עברית (Hebrew)

Improved security was touted as one of the main advantages of Windows 10 over previous versions, as well as Microsoft’s newly launched Edge browser that replaces the outdated Internet Explorer.

Now, that edge has been whittled away. The trojan Dyreza, aka Dyre, has received its own updated version, and now target computers running Windows 10. A variant that specifically targets Microsoft Edge has also been spotted in the wild.

The trojan, specifically designed to steal sensitive information, often banking related information, is now able to kill several security-related processes in order to infiltrate a system more effectively.

Over 80,000 Windows machines have been infected to date, since the trojan appeared in July 2014. The original outbreak was spread by a spam campaign that targeted a wide swath of users.

Poor technical education allows for the spread of such malicious software, with users often unsure which sites and emails are to be trusted and which pose a significant risk.

While computers running Windows 10 and Microsoft Edge make for only a fraction of computers worldwide – Windows 10 is present on only eight percent of systems – Dyreza’s update should raise serious concerns for anyone who has been thinking of upgrading to the latest version.

Besides its new capabilities, Dyreza is able to exploit vulnerabilities in Google Chrome, Firefox, and the older Internet Explorer. Windows operating systems going all the way to the now eight-year-old Vista are vulnerable.

Aside from banking websites, the trojan has been known to target supply-chain businesses, and steal credentials in bulk.