Log4j vulnerability now used to install Dridex banking malware


Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter.

The Dridex malware is a banking trojan originally developed to steal online banking credentials from victims. Over time, however, it has evolved into a loader that downloads various modules used to perform different malicious actions, such as installing additional payloads, spreading to other devices, taking screenshots, and more.

Dridex infections are also known to lead to ransomware attacks from operations believed to be linked to the Evil Corp hacking group. These ransomware infections include BitPaymer, DoppelPaymer, and possibly other limited-use ransomware variants.
