The ever-vigilant IBM Security group has caught wind of the Dyre Wolf campaign. Making use of a version of the Dyre malware, the attack has managed to scoop up between $500,000 and over $1 million.
Dyre first hit in the summer of 2014 and makes use of man-in-the-middle tactics. Basically, the attacker sends customers to a fake site for their bank after they’ve unknowingly opened a suspicious link or attachment. When the user signs in, their credentials are nabbed.
From there, a process of taking over the user’s account takes place. The Dyre Wolf assault takes Dyre a step further by allowing attackers to find their way around two-factor authentication, the preferred method of protecting social media accounts.
The bold new attack sees users visit the fake site only to find out that the banking site they believe is legit is facing downtime or some other issue. The false site suggests that the user call support, and the attackers and/or their network will dupe the victim into handing over their password and account sign-in.
From there, the money is pulled from the account and cycled through a network of foreign banks to throw off law enforcement and detection. IBM Security said of the attacks that the “campaign highlights the fact that organizations are only as strong as their weakest link, and in this case, it’s their employees.”
IBM puts human error at 95 percent as the means by which Dyre Wolf has been so successful. While no actual steps have been mentioned as a means of avoiding Dyre, it comes down to the tried-and-true suggestion of not opening suspicious links or attachments.