DRIDEX Spam returns to USA

Trend Micro is warning that the DRIDEX banking botnet has reappeared in the US and that the UK is likely to feel its impact again soon.
In a blog post on their site, Trend Micro’s Ryan Flores cautions that:
“DRIDEX is steadily regaining its footing in the US just over a month after its takedown orchestrated by US and UK law enforcement agencies. Taking down servers is a significant step in crippling botnets, but unless all infrastructure are destroyed and all threat actors are caught, threats like DRIDEX are bound to resurface.”
Trend has seen multiple DRIDEX-related spam runs which often use social engineering lures such as bills and invoices in an attempt to secure banking and financial information from recipients. The chief concern for Trend is that a number of the originating botnets date back to 2014, which underlines the fact that the DRIDEX botnet wasn’t completely removed.
As is often the case, the delivery relies on Excel and Word documents which contain malicious macros. For the full report, please visit Trend’s blog.