CYBERBIT uncovers Dridex Malware persistency and stealth mechanism

Jan. 25, 2016

CYBERBIT, Elbit Systems’ wholly-owned subsidiary, announced that it has uncovered, for the first time, the Dridex malware’s advanced and sophisticated persistency mechanism, allowing organizations to detect and remove the malware.

The unique analysis was revealed by CYBERBIT’s dedicated malware research expert team, who managed to conduct a detailed dynamic behavioral analysis of the Dridex malware, fully revealing its infection process and persistency mechanism. Part of Dridex’s robustness is attributed to its ability to constantly generate new variants for each attack, thus going undetected by AV engines. CYBERBIT’s malware research team, a group of specialists who analyze malware and security threats in order to enrich CYBERBIT’s analysis methods and algorithms, managed to reveal Dridex’s persistency mechanism, which allows it to remain undiscovered and undetected due to its unique mode of operation.

Since its appearance in late 2014, Dridex has been one of the most notable malware threats, designed to steal personal banking information and credentials mostly from small and medium-sized organizations. Dridex malware attacks are said to be responsible for the theft of over $50 million, out of which $30 million was stolen from UK accounts alone. The criminal forces behind Dridex are believed to have links to similar cybercrime gangs. CYBERBIT suspects that such criminal organizations’ experience from previous activities is what allows Dridex authors and affiliates to keep their infrastructure alive and to stay active and dangerous.

CYBERBIT’s products collect and analyze information in greater depth and context over time and space and provide ad-hoc forensics and response capabilities, for both IT and SCADA networks, while assuring minimum time for mitigation, remediation and response. CYBERBIT’s technology is developed by skilled, updated and competent personnel, and it supplies live hands-on training that keeps its customers efficient and savvy.

More and Bigger Threats

Security threats in the 21st century are more complex, more sophisticated, and stealthier than ever - with an estimated 70 percent to 90 percent of malware, which is unique to a specific targeted organization, managing to bypass traditional security tools.

Enterprises just can’t afford to keep using technologies and methods that don’t work. CYBERBIT understands that in order to detect and respond quickly and efficiently to advanced unknown threats, organizational security has to be changed. Detection and response cycles must become optimal and short, leveraging granular information pieces as well as past knowledge, automating processes and capabilities, and allowing the organization to be agile, alert and prompt. CYBERBIT’s solutions aim to empower its customers by providing them with a different level of detection, response, forensics and mitigation capabilities and allowing them to operate rapidly, efficiently and accurately.

About Elbit Systems

Elbit Systems Ltd. is an international high technology company engaged in a wide range of defense, homeland security and commercial programs throughout the world. The Company, which includes Elbit Systems and its subsidiaries, operates in the areas of aerospace, land and naval systems, command, control, communications, computers, intelligence surveillance and reconnaissance ("C4ISR"), unmanned aircraft systems, advanced electro-optics, electro-optic space systems, EW suites, signal intelligence systems, data links and communications systems, radios and cyber-based systems. The Company also focuses on the upgrading of existing platforms, developing new technologies for defense, homeland security and commercial applications and providing a range of support services, including training and simulation systems.

For additional information, visit www.elbitsystems.com, follow us on Twitter or visit our official YouTube channel.