Partner Article

Promon keeps customer credentials safe from Dridex

A security warning has been issued by the National Crime Agency after a Russian organisation calling itself ’Evil Corp“ has used a strain of malware called Dridex to access online banking details. The Trojan could be responsible for worldwide losses of more than $100m, and with losses of £20m siphoned from banks and other financial institutions, the UK is emerging as a major casualty of the attack.

Dridex arrives on a user’s device as a malicious spam email with a Microsoft Word attachment that when opened triggers the download of harmful software, enabling it to smuggle banking credentials to an external host server and carry out fraudulent transactions.

Tackling malware requires a basic understanding of how data can be siphoned from individual users’ accounts: in this instance, with a little foresight the impact of the malware could have been entirely prevented. That’s according to Tom Lysemose Hansen, CTO and founder of Promon:

“Regardless of the inaction following the malware’s diagnosis in early September, this attack was entirely preventable from the outset. Promon Shield has been shown to protect online access and mobile apps from Dridex and its derivatives such as Cridex. Should the affected organisations have a greater understanding of the risk posed by this type of malware, and integrate a solution such as Promon Shield into their online processes and mobile apps, the poisonous code would have been denied access to user’s credentials, and the NCA wouldn’t have their current investigation on their hands.”

Hansen instead frames the importance of introducing a different type of law enforcement that sees companies take on self-defending browsers and apps as part of their duty to their customers, rather than as a retroactive response to threats after an investigation is underway:

“No element of risk should be involved with becoming the customer of an organisation handling your financial data. As SMBs and individual customers are in no position to meet the complex needs demanded by incursions on data’s integrity, the onus is on the organisation to combat new strains of virus before knowledge of their impact becomes the problem of a security agency, and is brought to public awareness.”

Hansen concluded: “If perennial application security was introduced, the breach simply wouldn’t have taken place. This calls into questions the sincerity of companies’ interest in securing customers and small businesses’ privacy. Only when a large-scale case of malware makes its way into the public sphere will the organisation rise to its attention. Hopefully, with the news of the most recent breach, banks and other financial organisations take responsibility and adopt time-tested technology that protects their online and mobile application and their users.”

This was posted in Bdaily's Members' News section by Gordon Young .