Threat actors are constantly working to find new and complex ways to spread cyber attacks. The affiliates behind Dridex started out spreading the campaign as a means to steal banking and personal credentials. To stay involved and relevant in the changing landscape, the threat actors evolved and developed BitPaymer ransomware, which uses Dridex to spread itself laterally within networks. Just this past summer, analysts found a new evolution of BitPaymer ransomware, DoppelPaymer. This version of the campaign, although it looks very similar, is far more complex than BitPaymer. The LIFARS Incident Response Team analyzed the multiple campaigns below.

Ransomware Fix and Cyber Vaccines – Malware Analysis of Dridex, BitPaymer and DoppelPaymer campaign

Threat actors are constantly working towards finding new and complex ways to deploy cyber-attacks. The affiliates behind Dridex initially used...
