Computer Emergency Response Team of Mauritius (CERT-MU)

Dyre Trojan Adds New Sandbox-Evasion Feature


The Dyre malware tool, which has emerged as one of the most significant banking Trojans since the takedown of the Gameover Zeus botnet in June 2014, has added an effective new trick for avoiding detection by anti-malware tools. Security researchers at Seculert recently discovered a new version of Dyre that evades sandbox detection tools by checking how many processor cores the machine has. If it finds that the machine has just one core, it immediately terminates on the infected system before it can be spotted.

A security sandbox is a secure virtualized environment for executing unfamiliar or untrusted code to see whether it contains any malware. Several security tools currently available offer sandboxing as a technique for detecting and blocking malicious code.
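A defensive check that follows from the behaviour described above, as an added example that is not part of the original advisory: it audits sandbox guest definitions for single-processor configurations, which would let such a sample exit before it is analysed. It assumes the analysis guests are libvirt/KVM domains; the guest names and XML below are constructed sample input.

```python
import xml.etree.ElementTree as ET

# Constructed sample input: libvirt domain XML for four hypothetical guests.
SAMPLE_DOMAINS = {
    "sandbox-a": "<domain type='kvm'><name>sandbox-a</name>"
                 "<vcpu placement='static'>1</vcpu></domain>",
    # Four vCPUs allocated, but only one is online at boot (current='1').
    "sandbox-b": "<domain type='kvm'><name>sandbox-b</name>"
                 "<vcpu placement='static' current='1'>4</vcpu></domain>",
    "sandbox-c": "<domain type='kvm'><name>sandbox-c</name>"
                 "<vcpu placement='static'>2</vcpu></domain>",
    # No <vcpu> element at all.
    "sandbox-d": "<domain type='kvm'><name>sandbox-d</name></domain>",
}

MIN_CORES = 2  # a guest below this exposes the single core the sample looks for


def cores_at_boot(domain_xml):
    """Return the vCPUs online when the guest boots, or None if undeterminable."""
    try:
        vcpu = ET.fromstring(domain_xml).find("vcpu")
    except ET.ParseError:
        return None
    if vcpu is None:
        return None
    # 'current' (when present) overrides the element text, which is the maximum.
    value = vcpu.get("current") or (vcpu.text or "").strip()
    return int(value) if value.isdigit() else None


def audit(domains, min_cores=MIN_CORES):
    """Map each guest that fails the check to the reason it was flagged."""
    findings = {}
    for name, xml_text in sorted(domains.items()):
        cores = cores_at_boot(xml_text)
        if cores is None:
            findings[name] = "vCPU count not declared; verify manually"
        elif cores < min_cores:
            findings[name] = f"{cores} vCPU online at boot"
    return findings


if __name__ == "__main__":
    for guest, reason in audit(SAMPLE_DOMAINS).items():
        print(f"{guest}: {reason}")
```

The `current` attribute matters because a guest can be allocated several vCPUs yet boot with only one online, which still presents a single processor to code running inside it.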
 
Source: Darkreading, Removepcthreats, Team Cymru