Slashdot Mirror


FBI and Join UK Against Forces Against Spread of Dridex Banking Malware (nationalcrimeagency.gov.uk)

An anonymous reader writes: The UK's National Crime Agency (NCA) has issued a warning to UK online banking consumers to guard against the possibility of having been infected by the Dridex malware, which spreads via macros in infected Microsoft documents and is currently estimated to have cost £20mn to UK consumers. The NCA says that it is working with the FBI and several European authorities in a concerted campaign to take down the botnet behind the current crop of infections. Dridex is a derivative of the Cridex strain of banking malware, which itself stole many techniques from the GameOver Zeus malware package.

70 comments

  1. Windows by Anonymous Coward · · Score: 0

    Is there anything that Windows won't let in? It's like a goddamned Kardashian.

  2. Title errors by Anonymous Coward · · Score: 5, Insightful

    That's one of the worst cases of non editing I've seen in a Slashdot title

    1. Re:Title errors by Anonymous Coward · · Score: 2, Interesting

      FBI and Join UK Against Forces Against Spread of Dridex Banking Malware

      My brain melted a little trying to parse that. Can someone with a weak grasp of English make any sense of it?

    2. Re:Title errors by zAPPzAPP · · Score: 3, Funny

      FBI and John from the UK forced Didrex off spreading Malware, Again!

    3. Re:Title errors by Anonymous Coward · · Score: 0

      It's George W. Bush's fault obviously (and the murdering anti-Christ VP Cheney).

    4. Re:Title errors by Opportunist · · Score: 1

      So it wasn't me, there is really a missing?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    5. Re:Title errors by galabar · · Score: 1

      That literally hurt my brain when I read it. Well, something on the inside or outside of my skull, under the skin, in the forehead area... literally.

    6. Re:Title errors by Anonymous Coward · · Score: 0

      Looks like the order word is wrong.

    7. Re:Title errors by stafil · · Score: 1

      Title is fine. FBI and a new, so secret service that cannot be named, joined UK..

    8. Re: Title errors by Anonymous Coward · · Score: 0

      The enemy of my enemy's enemy is my... what?

    9. Re:Title errors by UncHellMatt · · Score: 1

      That headline made my brain wibble butter wombat Finland.

    10. Re:Title errors by thoughtlover · · Score: 1

      Anonymous 'reader' submitted... Maybe a bot wrote the title (and synopsis).

      --
      No sig for you! Come back one year!
  3. what did you do to the poor title? by Anonymous Coward · · Score: 1

    Wow, haven't seen a title butchered like that posted online.....ever. Well done.

  4. I don't even know where to begin... by Anonymous Coward · · Score: 0

    FBI and Join UK Against Forces Against Spread of Dridex Banking Malware

    Seriously?

    1. Re:I don't even know where to begin... by Anonymous Coward · · Score: 0

      It's too bad to ignore -- the headline seems engineered to induce pain in the language recognition center of the brain!

    2. Re:I don't even know where to begin... by BronsCon · · Score: 1

      I read it aloud to my wife. Even though I prefaced it with "I uh... can't... just... these words... I... no... word... parsing error" she still asked me if I was having a stroke.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    3. Re:I don't even know where to begin... by Hognoxious · · Score: 1

      OK, let's work backwards. "Dridex Banking Malware" is pretty clear cut.

      There are some forces that are trying to stop it spreading.

      Now the FBI is opposed to those forces (presumably it wants the malware to spread) and to further that goal it's entered into an alliance with somebody - possibly a British timber merchant.

      Do I have to do all the thinking round here?

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  5. Engrish much? by Anonymous Coward · · Score: 0

    This is why slashdot articles should be proofread by someone who speaks English as their first language. It really is sad how bad slashdot is nowadays. It's like the staff just don't care anymore.

    1. Re: Engrish much? by Anonymous Coward · · Score: 0

      Due to budget cuts, graft, and lawsuit settlements, Slashdot is now staffed by H1-B and offshore dot heads, hence the poor English.

    2. Re:Engrish much? by U2xhc2hkb3QgU3Vja3M · · Score: 1
    3. Re:Engrish much? by Anonymous Coward · · Score: 0

      wisly icham, werefore dost thou ax?

    4. Re: Engrish much? by Anonymous Coward · · Score: 0

      Heck, even someone who speaks it as a secondary language is likely to do better.

  6. For the love of Satan by Anonymous Coward · · Score: 0

    Just hire a god damn intern to read everything once before it gets posted.

    Like fuck.

  7. What kind of headline is that? by Roger+Wilcox · · Score: 5, Insightful

    Is someone trying to be cute with that absurdly convoluted headline?

    It is impossible to parse at first glance and difficult after several times.

    I have come to expect better from the editors here...

    1. Re:What kind of headline is that? by Anonymous Coward · · Score: 0

      I have come to expect better from the editors here...

      Why?

    2. Re:What kind of headline is that? by Roger+Wilcox · · Score: 1

      Normally the headlines are easily readable, if not always completely accurate.

    3. Re:What kind of headline is that? by Anonymous Coward · · Score: 1

      Are you suggesting that you were able to eventually parse it and produce something meaningful? If so, would you mind sharing your results?

    4. Re:What kind of headline is that? by Roger+Wilcox · · Score: 2

      As near as I can tell: (FBI) and (Join UK) Against (Forces Against Spread of Dridex Banking Malware) ...not that it makes much sense even so.

    5. Re:What kind of headline is that? by Anonymous Coward · · Score: 1

      I read the title as "FBI and UK join forces against spread of dridex banking malware."

      It wasn't until I read your post that I saw that it was butchered horribly. :)

    6. Re:What kind of headline is that? by Anonymous Coward · · Score: 0

      FBI and UK Join Forces Against Spread of Dridex Banking Malware

      There, fixed it for ya! :)

    7. Re:What kind of headline is that? by Kneo24 · · Score: 1, Insightful

      I love how all of the comments so far are about the god awful editing of the title instead of the actual story itself.

    8. Re: What kind of headline is that? by Anonymous Coward · · Score: 5, Informative

      Right. The real story is Word macros are still an attack vector. That's fucking sad. It's been 20+ years and they just remove the broke feature that nobody uses except to infect others. At least with Flash they have to come up with a new exploit every now and then. With Word macros, there is no exploit, you can just infect all you want.

    9. Re:What kind of headline is that? by KitFox · · Score: 1

      I love how all of the comments so far are about the god awful editing of the title instead of the actual story itself.

      The focus is on what is important to readers.

      --

      @Whee

  8. To paraphrase Samuel L Jackson by Anonymous Coward · · Score: 5, Funny

    English motherfucker - do you speak it!?!
    that title is worse than yoda speaking when on crystal meth...

    1. Re:To paraphrase Samuel L Jackson by Opportunist · · Score: 1

      I still have this feeling that Yoda's problem with language was created by someone who had to program in RPN for far too long. Sure sound like it it does.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:To paraphrase Samuel L Jackson by Anomalyst · · Score: 2

      meessa thinkin yousa may be correct

      --
      There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
  9. WTF? by tuxgeek · · Score: 1, Troll

    "FBI and Join UK Against Forces Against Spread of Dridex Banking Malware"

    4 words: Spell grammar check and
    it Use whenever thinking posting about on /.
    moron ..

    --
    "Suppose you were an idiot...and suppose you were a member of Congress...but I repeat myself." Mark Twain
    1. Re:WTF? by Anonymous Coward · · Score: 0

      4 words: Spell grammar check and
      it Use whenever thinking posting about on /.
      moron ..

      Are... uh... are you sure you want to be criticizing people on their spelling and grammar?

    2. Re:WTF? by I'm+New+Around+Here · · Score: 0

      It's called sarcasm, idiot.

      --
      If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
  10. Whatever happened to that dude? by Anonymous Coward · · Score: 0

    Doing crap credit card commercials I think. Heard the guy was a dick to work with.

  11. I'm wigging out about the by Anonymous Coward · · Score: 0

    Someone forgot a word and now I am wigging out!

    Smoke is coming out of my ears.

    Checks patch progress. Patch almost done, back to wigging out!

  12. Who is John from The UK? by TuckerBag · · Score: 2

    https://en.wikipedia.org/wiki/... John Wetton from the band called "UK". Sorry, just couldn't resist.

    1. Re: Who is John from The UK? by Anonymous Coward · · Score: 0

      In the heat of the moment, the Family of the Crimson King joins Asia against UK.

  13. Re:Downmod me ALL day dimwits by Anonymous Coward · · Score: 0

    It's why off topic english grammar nazis above is going on apk. They're forums flooding to bury posts that are helpful like yours.

  14. Ummm.... by tompaulco · · Score: 1

    I'm not sure I understand. Is this a bitcoin article, an Uber article, a VW article, or a drone article?

    --
    If you are not allowed to question your government then the government has answered your question.
    1. Re:Ummm.... by AHuxley · · Score: 1

      Something about phishing "infects users via macro actions which launch when opening infected documents.". The OS is not clearly mentioned :)
      The "online banking consumers" are now safer as the botnet is now connected to a sinkhole.

      --
      Domestic spying is now "Benign Information Gathering"
    2. Re:Ummm.... by Anomalyst · · Score: 2

      I'm not sure I understand. Is this a bitcoin article, an Uber article, a VW article, or a drone article?

      Never underestimate the value of an Uber driver in a rabbit diesel with a trunk full of bitcoins surveilled by a drone.

      --
      There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
    3. Re:Ummm.... by Anonymous Coward · · Score: 0

      I'm not sure I understand. Is this a bitcoin article, an Uber article, a VW article, or a drone article?

      You left out those females, you're in trouble now!

  15. samzenpus by frovingslosh · · Score: 2

    As soon as I saw the title I thought to myself "Bet it was posted by samzenpus". Sure enough ......

    Not your first one this month either.

    --
    I'm an American. I love this country and the freedoms that we used to have.
  16. UNSPIN - When you un-spin the typo... by Anonymous Coward · · Score: 1

    You see there are very important conclusions to draw from the story.

    Fuck Microsoft Windows.

    Fuck Microsoft formats.

    Fuck Microsoft Windows with anything financial.

    Fuck ATM's running on Windows XP.

    Fuck Windows 10 with intentionally coded and intentionally obfuscated spyware.

    Fuck Microsoft.

    There ya go. Those would be the first comments without the seemingly innocent stupid typo in the subject. So many "people" thought it was clever to immediately come in and comment on a typo... you can basically see who the Microsoft shills on Slashdot are from this single story. Also, yeah yeah we're gonna send the NCA and the FBI to make sure Windows is safe. It's a ruse.

    http://tech.slashdot.org/comments.pl?sid=8154117&cid=50706123

    Malware on an OS that is malware (Windows) is just too much to resist for shills. They had to show up in force. Their adrenalin must have been pumpin over that typo.

    1. Re:UNSPIN - When you un-spin the typo... by Maritz · · Score: 1

      Why leave 'Fuck Microsoft' til last when it encompasses all the earlier fucks? That just made all the stuff above redundant. Could've saved yourself a bit of time there. But yes you don't like Microsoft, that did come across.

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
    2. Re:UNSPIN - When you un-spin the typo... by Anonymous Coward · · Score: 0

      Why leave 'Fuck Microsoft' til last when it encompasses all the earlier fucks? That just made all the stuff above redundant. Could've saved yourself a bit of time there. But yes you don't like Microsoft, that did come across.

      Because I first told you WHY then told you WHAT.

      Who does like Microsoft that isn't paid to? Nobody I've ever heard of. gtfo.

      This is what I see.
      http://tech.slashdot.org/comments.pl?sid=8154117&cid=50706123

      You really tried hard to "say any old shit" though. Does this compute or are you on a grammar mission? I am 100% sure other people understood what I said accurately.

      Fuck Microsoft Windows, Microsoft formats, Microsoft Windows with anything financial especially, including ATM's running on Windows XP. Also fuck Windows 10 with intentionally coded and intentionally obfuscated spyware. And let me add this now, fuck the back-ported spy shit to 7/8/8.1 too. Fuck closed source. Fuck closed source OS's that won't tell you what a patch does.

      People don't like companies that hijack your PC, and Microsoft does that. You are saying oh, you just don't like Microsoft we get it. Nah dickhead. People don't like companies that hijack your PC and it just happens to be Microsoft that does it 100% of the time now. Globally.

      You idiots need to fix your brains and stop bullshitting people. Seriously. I'd think you are sympathetic to the woes of gypsies too.

      Could've saved yourself a bit of time there.

      I type fast enough that the difference between a page and a paragraph is negligible. There was no wasted time. Thanks for your heartfelt concern about wasting precious time.

  17. Dridex Banking Malware .. by nickweller · · Score: 2

    Does this Dridex Banking Malware run on Apple OS X, Android, Linux or Microsoft Windows ..

    1. Re:Dridex Banking Malware .. by sociocapitalist · · Score: 1

      Does this Dridex Banking Malware run on Apple OS X, Android, Linux or Microsoft Windows ..

      Dude you lazy. Three seconds on Google:

      "Dridex is a strain of banking malware that leverages macros in Microsoft Office to infect systems."
      http://www.webopedia.com/TERM/...

      --
      blindly antisocialist = antisocial
    2. Re:Dridex Banking Malware .. by Anonymous Coward · · Score: 0

      Dude, you lazier. Your link does not answer the question; it doesn't even ask it. This one does:

      http://www.theguardian.com/technology/2015/oct/14/what-is-dridex-how-can-i-stay-safe

      "Similarly, only users of Windows computers are affected: Dridex cannot install itself on other PC operating systems such as Mac OS X or Chrome OS, nor can it load on mobile devices."

    3. Re:Dridex Banking Malware .. by nickweller · · Score: 1

      Well, the linked to articles seem to erroneously imply it's cross platform.

      "The report indicates that Windows users are the primary targets of the attacks." link

      "The NCA assesses there could be thousands of infected computers in the UK, the majority being Windows users." link

  18. How do you like that? by fustakrakich · · Score: 1

    A simple text message in the title can cause so many brains to lock up... Is bad editing now malware of sorts?

    --
    “He’s not deformed, he’s just drunk!”
  19. Re:Downmod me ALL day dimwits by Anonymous Coward · · Score: 0

    Stop defending apk, samzenpus.
    He's doing an excellent job of defending his own gibberish.

    Sober up, and fix that Headline.

  20. Re:Downmod me ALL day dimwits by Anonymous Coward · · Score: 0

    I like how apk pimps his stuff with facts from good sources. I also like how he wails on trolls with facts too.

  21. A vector of infection that should not be there by dbIII · · Score: 2

    Normally it's a vector of infection that should not be there.
    Most of the time when somebody sends you a word doc or an excel spreadsheet it is only for you to read and not to change. We've had the PDF format freely available for far longer than this website has existed yet we still get that shit - word docs for birthday invites - do they want us to change the date :) Invoices as spreadsheets - can we fill in how much we want to pay?

    1. Re:A vector of infection that should not be there by Maritz · · Score: 1

      I only use Office in work, but I always have to click 'enable editing' after I first open something, so it sounds like that's already a thing.

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
  22. Re:Downmod me ALL day dimwits by Anonymous Coward · · Score: 0

    I Also Am not APK and I too Think He's Just Great.

  23. Zeus & variants = mainly why I wrote this... a by Anonymous Coward · · Score: 0

    I block them from this data https://zeustracker.abuse.ch/m... + MANY other botnets via:

    APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...

    ---

    FREE & not 'souled-out' to advertisers + adds speed, security & reliability & does FAR more w/ FAR less more efficiently vs. redundant browser addons & locally installed DNS servers @ home + fixes DNS' many security issues!

    ---

    It obtains its data vs. many types of online threats & for adbanner blocking from 10 reputable sites in the security community!

    ---

    It SPEEDS YOU UP 2 ways (adblocking + locally cached in RAM favorites placed @ the TOP of hosts for fastest resolution speed vs. remote DNS) vs. other "so-called security 'solutions'" SLOWING YOU!

    ---

    It does all that via something you already natively have vs. "bolting on browser addons 'MOAR'" that's usermode slower & increases messagepassing, cpu + ram overheads!

    * :)

    MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...

    &

    It's safe proven by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...

    +

    In its 32-bit model too https://www.virustotal.com/en/...

    ---

    "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend".

    APK

    P.S.=> By "yours truly" - "The Lord of Hosts" so-to-speak:

    PERTINENT QUOTE/EXCERPT:

    "The image this title brings to mind is of a mighty military commander, one who can at a mere word summon rank upon rank of protective power" from https://answers.yahoo.com/ques... & THAT WORD = hosts!

    (Accept NO substitutes!)

    ...apk

  24. I wish we could we against forces by Not-a-Neg · · Score: 1

    use mod points to downvote titles against forces against malware FBI.

    --
    -==- Buy a Mac and leave me alone!
  25. This is why we hate you, Slashdot editors by wonkey_monkey · · Score: 1

    FBI and Join UK Against Forces Against Spread of Dridex Banking Malware

    It's been two days, there have been numerous posts pointing out the error, and you still haven't given a shit and fixed it.

    You are simply bad at running a website.

    --
    systemd is Roko's Basilisk.