Are Your Passwords Safe?

There are plenty of malicious computer infections that are after sensitive information, particularly the kind that could help cyber criminals hijack personal accounts. Some are more vicious than others, and Dyre Trojan is certainly one of the worst, as it is all about taking over online banking credentials, and there is no question about the reason behind this. Also known by the names Dyreza and Battdil, this infection has been created to steal your money, but this is not all that it is capable of. The worst part about malware of this kind is that it runs silently, without drawing any unnecessary attention to itself. Unfortunately, this means that malicious password-stealing infections are often successful in their attacks, as users do not realize they are happening.

Beware: malware attacks are NEVER obvious

The distribution of password-stealing infections is always extremely clandestine. For example, the creators of Dyre Trojan have focused on the silent infiltration method, as this is the only way to perform malicious attacks without interference. Unsurprisingly, Dyre Trojan is dropped by a clandestine Trojan downloader. Upatre is the name of this downloader, and it is spread using several different methods. In the past, the Trojan’s developers mostly used compromised spam email attachments to execute malware, but right now they have also turned to Java exploits. It appears that this infection can employ JJEncoded JavaScript to discover the target system’s screen resolution and the browser User Agent. This data is then used to deliver the main payload. To our surprise, it is wireless routers that are used for the infiltration of malware. If users open corrupted email attachments, a connection to Upatre’s control server is made, and password-stealing malware is downloaded.
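For defenders who scan mail attachments or proxied web content, the JJEncoded JavaScript mentioned above can be flagged by its fixed opening statements. The following is an added example, not part of the original article or of any vendor's tooling; the function names, sample strings and thresholds are assumptions chosen for illustration.

```python
import re

# jjencode output opens by setting its single global variable to ~[] (-1) and
# then to a lookup object whose first key is "___". The variable name is picked
# by whoever encodes the script, so it is captured and back-referenced.
JJ_PRELUDE = re.compile(
    r"([A-Za-z_$][\w$]*)\s*=\s*~\s*\[\s*\]\s*;"   # v=~[];
    r"\s*\1\s*=\s*\{\s*___\s*:\s*\+\+\s*\1\s*,"   # v={___:++v,
)

def symbol_density(js):
    """Share of non-whitespace characters that are not letters or digits."""
    visible = [c for c in js if not c.isspace()]
    if not visible:
        return 0.0
    return sum(not c.isalnum() for c in visible) / len(visible)

def classify_script(js, density_threshold=0.6, min_length=200):
    """Return 'jjencode-prelude', 'symbol-heavy' or 'no-match' for one script body."""
    if JJ_PRELUDE.search(js):
        return "jjencode-prelude"
    # Fallback for trimmed or re-wrapped samples: long scripts made almost
    # entirely of punctuation. Thresholds are illustrative assumptions.
    if len(js) >= min_length and symbol_density(js) >= density_threshold:
        return "symbol-heavy"
    return "no-match"

# Constructed samples: only the opening statements of jjencode output, with the
# default variable ($) and a custom one (q). Neither carries a payload.
SAMPLE_DEFAULT_VAR = '$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$]};'
SAMPLE_CUSTOM_VAR = 'q = ~[]; q = {___: ++q, $$$$: (![] + "")[q], __$: ++q};'
SAMPLE_BENIGN = "function add(a, b) { return a + b; }"

if __name__ == "__main__":
    for name, body in [("default", SAMPLE_DEFAULT_VAR),
                       ("custom", SAMPLE_CUSTOM_VAR),
                       ("benign", SAMPLE_BENIGN)]:
        print(name, classify_script(body), round(symbol_density(body), 2))
```

A "symbol-heavy" verdict is only a triage signal, since other symbol-only encoders and some minified code can also cross the threshold.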

How malware exploits wireless routers

It is very possible that the cyber criminals behind Dyre Trojan primarily exploit those wireless routers – usually created by AirOS and MikroTik – that have default credentials. Many users do not take the time to update this information, and the malicious Upatre has exploited this vulnerability to the fullest. Once installed, Dyre Trojan has been found to hijack the most popular web browsers, including Internet Explorer, Mozilla Firefox, and Google Chrome. This hijacking can be used to take over your banking sessions. Dyre Trojan can create imitations of the online banking sites you attempt to visit, which might lead you to disclose your login information to schemers without realizing it. Besides this, the malicious infection is also known for downloading additional malware. Infostealer.Kegotip, Trojan.Spadyra, Trojan.Pandex.B, and Trojan.Fareit are just a few infections that could be installed by this threat. These infections are mainly employed for the further distribution of malware. They can add systems to a botnet and use them for sending corrupted emails to continue infecting more systems and stealing more passwords.

What's your game plan?

As mentioned previously, the default credentials play an important role in this. If you change these credentials, it will be more difficult for Dyre Trojan, or other infections of this kind, to attack your operating system and jeopardize the security of your online accounts. If you go to and select the manufacturer of your own router, you will learn the password. Knowing this password will help you make the necessary modifications. Of course, this is not all that you need to do. We cannot stress enough how important it is to employ security software to protect your operating system. The Trojans that can corrupt your operating system are likely to be able to circumvent basic security protocols, which is why it is essential that you use only up-to-date, powerful, and trustworthy software.
