Protect Your Assets
Showing results for 
Search instead for 
Do you mean 

"Dyre" times for online banking customers, unless you’re an HP TippingPoint customer

MarthaAviles ‎07-22-2014 10:05 AM - edited ‎09-23-2015 03:21 PM

There’s a new banking trojan on the scene, and it’s targeting major online banking services—exploiting network security everywhere. Dyreza (or Dyre) uses browser hooking—a technique that allows the trojan to intercept sensitive web traffic prior to encryption—to perform a man-in-the-middle (MITM) attack, evading SSL and gathering banking credentials. What does this mean in plain English? Dyre can steal your confidental information and cause mayhem on your accounts if you bank online.

Dyreza is being mainly delivered through spam campaigns, with the primary targets appearing to be customers of specific banks in the UK and US.  It’s not until the users access one of four specific financial institutions that the malware goes to work. The organizations currently affected are:

  • Bank of America (North America)
  • Ulster Bank (Ireland)
  • Royal Bank of Scotland (Scotland)
  • National Westminster Bank (United Kingdom)

Prior to their user credentials being submitted to their financial institution, a copy of the information is sent to an attacker-controlled server in clear text…and chaos ensues.

Interested in the nitty-gritty details of how this trojan works? Check out the “Dyre Times for Online Banking Customers” blog  where, Mat Powell, Security Researcher for HP DVLabs, details what happened when he visited the Bank of America website and entered a bogus user id. Hint: Total shenanigans.

So, here’s the big question: What can you do to protect yourself against this threat? Well, if you’re an HP TippingPoint customer, you can breathe easy.

We know that every second matters, so our HP TippingPoint DVLabs has you covered. HP TippingPoint customers can enable Filter 16441 HTTP: Dyre Malware Communication Attempt. This filter was created by the DVLabs team and shipped on July 1st, 2014 on DV8575. The mainline DV will be updated on July 29th and customers looking to proactively deploy the updated filter can request a custom CSW. And with the HP TippingPoint Next-Generation Intrusion Prevention System (IPS), and our next-generation firewall, your information is safe.

Interested in learning more about how HP TippingPoint protects your information? Join us at HP Protect, September 8-11, in Washington DC! 

HP TippingPoint Network Security solutions

When every second matters, HP TippingPoint delivers industry-leading security intelligence powered by HP TippingPoint DVLabs—keeping you ahead of the threats. With simple, reliable and effective products including TippingPoint Next-Generation Intrusion Prevention System (IPS),  TippingPoint Next-Generation Firewall (NGFW), and the TippingPoint Security Management System, we are on your side, delivering proactive network security protection.  Learn more about how HP TippingPoint can help you with your network security solutions.

0 Kudos
About the Author


Nov 29 - Dec 1
Discover 2016 London
Learn how to thrive in a world of digital transformation at our biggest event of the year, Discover 2016 London, November 29 - December 1.
Read more
Each Month in 2016
Software Expert Days - 2016
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all