The Dridex Trojan, one of the most destructive banking Trojans, has been upgraded with a new injection method so the malware is even better at evading detection.
The newest version of Dridex, v4, is now the first banking Trojan to take advantage of AtomBombing, according to report by IBM X-Force. Unlike some of the more common code injection techniques, AtomBombing is meant to evade security solutions. Once one organized cybercrime gang successfully pulls off a slick trick, other cyber thugs are expected to adopt the method.
“In this release,” the researchers wrote, “we noted that special attention was given to dodging antivirus (AV) products and hindering research by adopting a series of enhanced anti-research and anti-AV capabilities.”