Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Dyre Malware

  • 1.  Dyre Malware

    Posted Sep 08, 2014 09:15 AM

    Salesforce is informing its customers to confirm their anti-malware solution is capable of detecting the Dyre malware.  I searched Symantec's Security Response site and can find nothing relating to this malware.

    Anyone have any information regarding Symantec's abilities to detect this?



  • 2.  RE: Dyre Malware

    Posted Sep 08, 2014 09:17 AM

    Depends on the name, Symantec may have classified it under a different name.



  • 3.  RE: Dyre Malware



  • 4.  RE: Dyre Malware

    Posted Sep 08, 2014 09:23 AM

    May be this the detection name

    http://www.symantec.com/security_response/writeup.jsp?docid=2014-061713-0826-99

    Report of virus total for this virus

    https://www.virustotal.com/en/file/462cc971fabd8803cf0468a6a4d75d57a4be1bcf6144bf2b00e7c8739680cb9f/analysis/



  • 5.  RE: Dyre Malware

    Posted Sep 08, 2014 09:28 AM

    I searched Security Response for both Dyre and Dyreza with no returns.

    May be is not an option.

     

    Thanks.



  • 6.  RE: Dyre Malware
    Best Answer

    Posted Sep 08, 2014 09:50 AM

    Looks like it's classified as Infostealer.Dyranges by Symantec

    https://www.virustotal.com/en-gb/file/462cc971fabd8803cf0468a6a4d75d57a4be1bcf6144bf2b00e7c8739680cb9f/analysis/

    http://www.symantec.com/security_response/writeup.jsp?docid=2014-061713-0826-99



  • 7.  RE: Dyre Malware

    Posted Sep 08, 2014 10:51 AM

    Brian, I see no reference to Dyre and Dyreza in what you referenced in Symantec's writeup or Sophos?



  • 8.  RE: Dyre Malware

    Posted Sep 08, 2014 10:54 AM

    It's the virustotal report showing what Symantec classifies it as. There is no writeup from Symantec that I've found.



  • 9.  RE: Dyre Malware

    Broadcom Employee
    Posted Sep 08, 2014 11:06 AM

    Hi,

    Symantec have classified it as a Infostealer.Dyranges.

    Here is the write up: http://www.symantec.com/security_response/writeup.jsp?docid=2014-061713-0826-99 

    Follow best practices: http://us.norton.com/security_response/secureemail.jsp



  • 10.  RE: Dyre Malware

    Posted Sep 08, 2014 11:56 AM

    The information above is correct.  Symantec detects this threat as Infostealer.Dyranges.  We have been closely monitoring this threat and updating signatures against it.

    The advice on this page is important for end users:

    Secure Your Email
    http://us.norton.com/security_response/secureemail.jsp

    Admins of larger organizations may wish to ensure that the mail security tool in place is correctly scanning incoming and outgoing traffic.

    Hope this helps!

    Mick