INDRIK SPIDER  (Back to overview)

aka: DEV-0243, EvilCorp, Manatee Tempest, UNC2165

INDRIK SPIDER is a sophisticated eCrime group that has been operating Dridex since June 2014. In 2015 and 2016, Dridex was one of the most prolific eCrime banking trojans on the market and, since 2014, those efforts are thought to have netted INDRIK SPIDER millions of dollars in criminal profits. Throughout its years of operation, Dridex has received multiple updates with new modules developed and new anti-analysis features added to the malware. In August 2017, a new ransomware variant identified as BitPaymer was reported to have ransomed the U.K.’s National Health Service (NHS), with a high ransom demand of 53 BTC (approximately $200,000 USD). The targeting of an organization rather than individuals, and the high ransom demands, made BitPaymer stand out from other contemporary ransomware at the time. Though the encryption and ransom functionality of BitPaymer was not technically sophisticated, the malware contained multiple anti-analysis features that overlapped with Dridex. Later technical analysis of BitPaymer indicated that it had been developed by INDRIK SPIDER, suggesting the group had expanded its criminal operation to include ransomware as a monetization strategy.

Associated Families
win.dridex win.friedex

2024-02-12Estrellas's BlogOtávio M.
Unveiling custom packers: A comprehensive guide
Dridex Simda
2023-03-06Landeskriminalamt NRWLandeskriminalamt NRW
Schlag gegen international agierendes Netzwerk von Cyber-Kriminellen
DoppelPaymer Entropy FriedEx
2023-02-27PRODAFT Threat IntelligencePRODAFT
RIG Exploit Kit: In-Depth Analysis
Dridex IcedID ISFB PureCrypter Raccoon RecordBreaker RedLine Stealer Royal Ransom Silence SmokeLoader Zloader
2022-10-31paloalto Netoworks: Unit42Or Chechik
Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure
Dridex Kronos TrickBot Zeus
2022-10-13SpamhausSpamhaus Malware Labs
Spamhaus Botnet Threat Update Q3 2022
FluBot Arkei Stealer AsyncRAT Ave Maria BumbleBee Cobalt Strike DCRat Dridex Emotet Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT QakBot RecordBreaker RedLine Stealer Remcos Socelars Tofsee Vjw0rm
2022-09-01IBMEmmy Ebanks, Kevin Henson
Raspberry Robin and Dridex: Two Birds of a Feather
Dridex Raspberry Robin
2022-08-24Github (rad9800)Rad Kawar
Malware Madness: EXCEPTION edition
2022-07-09Artik BlueArtik Blue
Malware analysis with IDA/Radare2 - Basic Unpacking (Dridex first stage)
2022-06-13Jorge TestaJorge Testa
Killing The Bear - Evil Corp
FAKEUPDATES Babuk Blister DoppelPaymer Dridex Entropy FriedEx Hades Macaw Phoenix Locker WastedLoader WastedLocker
2022-06-02MandiantMandiant Intelligence
To HADES and Back: UNC2165 Shifts to LOCKBIT to Evade Sanctions
FAKEUPDATES Blister Cobalt Strike DoppelPaymer Dridex FriedEx Hades LockBit Macaw MimiKatz Phoenix Locker WastedLocker
2022-05-24Deep instinctBar Block
Blame the Messenger: 4 Types of Dropper Malware in Microsoft Office & How to Detect Them
Dridex Emotet
2022-05-19Palo Alto Networks Unit 42Saqib Khanzada
Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies
RiskIQ: Identifying Dridex C2 via SSL Certificate Patterns
Bateleur BELLHOP Griffon SQLRat POWERSOURCE Andromeda BABYMETAL BlackCat BlackMatter BOOSTWRITE Carbanak Cobalt Strike DNSMessenger Dridex DRIFTPIN Gameover P2P MimiKatz Murofet Qadars Ranbyus SocksBot
2022-03-13Malcatmalcat team
Cutting corners against a Dridex downloader
VirusTotal's 2021 Malware Trends Report
Anubis AsyncRAT BlackMatter Cobalt Strike DanaBot Dridex Khonsari MimiKatz Mirai Nanocore RAT Orcus RAT
2022-02-23Sentinel LABSAntonio Pirozzi, Antonis Terefos, Idan Weizman
Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp
Dridex WastedLocker
2022-02-23SophosLabs UncutAndrew Brandt
Dridex bots deliver Entropy ransomware in recent attacks
Cobalt Strike Dridex Entropy
2022-02-08Intel 471Intel 471
PrivateLoader: The first step in many malware schemes
Dridex Kronos LockBit Nanocore RAT NjRAT PrivateLoader Quasar RAT RedLine Stealer Remcos SmokeLoader STOP Tofsee TrickBot Vidar
2022-02-01Sentinel LABSAntonio Pirozzi, Antonis Terefos, Idan Weizman
Sanctions be Damned | From Dridex To Macaw, The Evolution of Evil Corp
Dridex FriedEx Hades Phoenix Locker WastedLocker
2022-01-18Recorded FutureInsikt Group®
2021 Adversary Infrastructure Report
BazarBackdoor Cobalt Strike Dridex IcedID QakBot TrickBot
2022-01-14RiskIQJordan Herman
RiskIQ: Unique SSL Certificates and JARM Hash Connected to Emotet and Dridex C2 Servers
Dridex Emotet
2022-01-11muha2xmadMuhammad Hasan Ali
Unpacking Dridex malware
2022-01-09Atomic Matryoshkaz3r0day_504
Malware Headliners: Dridex
Threat Intelligence Report: The Evolution of Doppel Spider from BitPaymer to Grief Ransomware
DoppelPaymer FriedEx
2021-12-23SymantecSiddhesh Chandrayan
Log4j Vulnerabilities: Attack Insights
Tsunami Conti Dridex Khonsari Orcus RAT TellYouThePass
2021-12-20InQuestNick Chalard
(Don't) Bring Dridex Home for the Holidays
DoppelDridex Dridex
2021-11-21Cyber-AnubisNidal Fikri
Dridex Trojan | Defeating Anti-Analysis | Strings Decryption | C&C Extraction
DoppelDridex Dridex
2021-11-16YoroiCarmelo Ragusa, Luca Mella, Luigi Martire
Office Documents: May the XLL technique change the threat Landscape in 2022?
Agent Tesla Dridex Formbook
2021-11-12Recorded FutureInsikt Group®
The Business of Fraud: Botnet Malware Dissemination
Mozi Dridex IcedID QakBot TrickBot
2021-09-15Palo Alto Networks Unit 42Anna Chung, Swetha Balla
Phishing Eager Travelers
2021-09-03Trend MicroMohamad Mokbel
The State of SSL/TLS Certificate Usage in Malware C&C Communications
AdWind ostap AsyncRAT BazarBackdoor BitRAT Buer Chthonic CloudEyE Cobalt Strike DCRat Dridex FindPOS GootKit Gozi IcedID ISFB Nanocore RAT Orcus RAT PandaBanker Qadars QakBot Quasar RAT Rockloader ServHelper Shifu SManager TorrentLocker TrickBot Vawtrak Zeus Zloader
2021-08-19BlackberryBlackBerry Research & Intelligence Team
BlackBerry Prevents: Threat Actor Group TA575 and Dridex Malware
Cobalt Strike Dridex TA575
2021-08-15SymantecThreat Hunter Team
The Ransomware Threat
Babuk BlackMatter DarkSide Avaddon Babuk BADHATCH BazarBackdoor BlackMatter Clop Cobalt Strike Conti DarkSide DoppelPaymer Egregor Emotet FiveHands FriedEx Hades IcedID LockBit Maze MegaCortex MimiKatz QakBot RagnarLocker REvil Ryuk TrickBot WastedLocker
2021-08-05KrebsOnSecurityBrian Krebs
Ransomware Gangs and the Name Game Distraction
DarkSide RansomEXX Babuk Cerber Conti DarkSide DoppelPaymer Egregor FriedEx Gandcrab Hermes Maze RansomEXX REvil Ryuk Sekhmet
2021-07-30HPPatrick Schläpfer
Detecting TA551 domains
Valak Dridex IcedID ISFB QakBot
Skip the Middleman: Dridex Document to Cobalt Strike
Cobalt Strike Dridex
2021-06-22Twitter (@Cryptolaemus1)Cryptolaemus, dao ming si, Kirk Sayre
Tweet on TA575, a Dridex affiliate delivering cobaltstrike (packed withe Cryptone) directly via the macro docs
Cobalt Strike Dridex
2021-06-08Intel 471Intel 471
The blurry boundaries between nation-state actors and the cybercrime underground
Dridex Gameover P2P
2021-06-06Bleeping ComputerLawrence Abrams
New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions
Babuk FriedEx PayloadBIN WastedLocker
2021-06-03YouTube (FIRST)Felipe Domingues, Gustavo Palazolo
Breaking Dridex Malware
2021-05-26DeepInstinctRon Ben Yizhak
A Deep Dive into Packing Software CryptOne
Cobalt Strike Dridex Emotet Gozi ISFB Mailto QakBot SmokeLoader WastedLocker Zloader
2021-04-21SophosLabs UncutAnand Aijan, Andrew Brandt, Markel Picado, Michael Wood, Sean Gallagher, Sivagnanam Gn, Suriya Natarajan
Nearly half of malware now use TLS to conceal communications
Agent Tesla Cobalt Strike Dridex SystemBC
2021-04-15Twitter (@felixw3000)Felix
Tweet on Dridex's evasion technique
2021-04-15ProofpointSelena Larson
Threat Actors Pair Tax-Themed Lures With COVID-19, Healthcare Themes
Dridex TrickBot
PaaS, or how hackers evade antivirus software
Amadey Bunitu Cerber Dridex ISFB KPOT Stealer Mailto Nemty Phobos Pony Predator The Thief QakBot Raccoon RTM SmokeLoader Zloader
Dridex Loader Analysis
2021-03-31Red CanaryRed Canary
2021 Threat Detection Report
Shlayer Andromeda Cobalt Strike Dridex Emotet IcedID MimiKatz QakBot TrickBot
2021-03-29VMWare Carbon BlackGiovanni Vigna, Jason Zhang, Oleg Boyarchuk
Dridex Reloaded: Analysis of a New Dridex Campaign
2021-03-18PRODAFT Threat IntelligencePRODAFT
SilverFish GroupThreat Actor Report
Cobalt Strike Dridex Koadic
2021-03-17HPHP Bromium
Threat Insights Report Q4-2020
Agent Tesla BitRAT ComodoSec Dridex Emotet Ficker Stealer Formbook Zloader
2021-03-17CrowdStrikeAdam Podlosky, Brendon Feeley
INDRIK SPIDER Supersedes WastedLocker with Hades Ransomware to Circumvent OFAC Sanctions
FriedEx WastedLocker
2021-03-11IBMDave McMillen, Limor Kessem
Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts
Cutwail Dridex
2021-03-01Group-IBOleg Skulkin, Roman Rezvukhin, Semyon Rogachev
Ransomware Uncovered 2020/2021
RansomEXX BazarBackdoor Buer Clop Conti DoppelPaymer Dridex Egregor IcedID Maze PwndLocker QakBot RansomEXX REvil Ryuk SDBbot TrickBot Zloader
2021-02-28PWC UKPWC UK
Cyber Threats 2020: A Year in Retrospect
elf.wellmess FlowerPower PowGoop 8.t Dropper Agent.BTZ Agent Tesla Appleseed Ave Maria Bankshot BazarBackdoor BLINDINGCAN Chinoxy Conti Cotx RAT Crimson RAT DUSTMAN Emotet FriedEx FunnyDream Hakbit Mailto Maze METALJACK Nefilim Oblique RAT Pay2Key PlugX QakBot REvil Ryuk StoneDrill StrongPity SUNBURST SUPERNOVA TrickBot TurlaRPC Turla SilentMoon WastedLocker WellMess Winnti ZeroCleare APT10 APT23 APT27 APT31 APT41 BlackTech BRONZE EDGEWOOD Inception Framework MUSTANG PANDA Red Charon Red Nue Sea Turtle Tonto Team
2021 Global Threat Report
RansomEXX Amadey Anchor Avaddon BazarBackdoor Clop Cobalt Strike Conti Cutwail DanaBot DarkSide DoppelPaymer Dridex Egregor Emotet Hakbit IcedID JSOutProx KerrDown LockBit Mailto Maze MedusaLocker Mespinoza Mount Locker NedDnLoader Nemty Pay2Key PlugX Pushdo PwndLocker PyXie QakBot Quasar RAT RagnarLocker Ragnarok RansomEXX REvil Ryuk Sekhmet ShadowPad SmokeLoader Snake SUNBURST SunCrypt TEARDROP TrickBot WastedLocker Winnti Zloader Evilnum OUTLAW SPIDER RIDDLE SPIDER SOLAR SPIDER VIKING SPIDER
2021-02-15Medium s2wlabSojun Ryu
Operation SyncTrek
AbaddonPOS Azorult Clop DoppelDridex DoppelPaymer Dridex PwndLocker
2021-02-07Technical Blog of Ali AqeelAli Aqeel
Dridex Malware Analysis
2021-02-02Twitter (@TheDFIRReport)The DFIR Report
Tweet on recent dridex post infection activity
Cobalt Strike Dridex
2021-02-02CRONUPGermán Fernández
De ataque con Malware a incidente de Ransomware
Avaddon BazarBackdoor Buer Clop Cobalt Strike Conti DanaBot Dharma Dridex Egregor Emotet Empire Downloader FriedEx GootKit IcedID MegaCortex Nemty Phorpiex PwndLocker PyXie QakBot RansomEXX REvil Ryuk SDBbot SmokeLoader TrickBot Zloader
2021-02-01MicrosoftMicrosoft 365 Defender Threat Intelligence Team
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
Dridex Emotet Makop Ransomware SmokeLoader TrickBot
2021-01-19HPPatrick Schläpfer
Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs
2021-01-09Marco Ramilli's BlogMarco Ramilli
Command and Control Traffic Patterns
ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot
2021-01-04Check PointCheck Point Research
DRIDEX Stopping Serial Killer: Catching the Next Strike
Threat Profile: GOLD HERON
DoppelPaymer Dridex Empire Downloader DOPPEL SPIDER
Threat Profile: GOLD DRAKE
Cobalt Strike Dridex FriedEx Koadic MimiKatz WastedLocker Evil Corp
Alert (AA20-345A): Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
PerlBot Shlayer Agent Tesla Cerber Dridex Ghost RAT Kovter Maze MedusaLocker Nanocore RAT Nefilim REvil Ryuk Zeus
2020-11-20ZDNetCatalin Cimpanu
The malware that usually installs ransomware and you need to remove right away
Avaddon BazarBackdoor Buer Clop Cobalt Strike Conti DoppelPaymer Dridex Egregor Emotet FriedEx MegaCortex Phorpiex PwndLocker QakBot Ryuk SDBbot TrickBot Zloader
SOPHOS 2021 THREAT REPORT Navigating cybersecurity in an uncertain world
Agent Tesla Dridex TrickBot Zloader
Dridex Emotet ISFB QakBot
2020-10-15Department of JusticeDepartment of Justice
Officials Announce International Operation Targeting Transnational Criminal Organization QQAAZZ that Provided Money Laundering Services to High-Level Cybercriminals
Dridex ISFB TrickBot
Wikipedia Page: Maksim Yakubets
Dridex Feodo Evil Corp
2020-09-29PWC UKAndy Auld
What's behind the increase in ransomware attacks this year?
DarkSide Avaddon Clop Conti DoppelPaymer Dridex Emotet FriedEx Mailto PwndLocker QakBot REvil Ryuk SMAUG SunCrypt TrickBot WastedLocker
2020-09-25CrowdStrikeThe Crowdstrike Intel Team
Double Trouble: Ransomware with Data Leak Extortion, Part 1
DoppelPaymer FriedEx LockBit Maze MedusaLocker RagnarLocker REvil RobinHood SamSam WastedLocker MIMIC SPIDER PIZZO SPIDER TA2101 VIKING SPIDER
2020-09-18AppGateFelipe Duarte, Gustavo Palazolo
Reverse Engineering Dridex and Automating IOC Extraction
2020-09-10SANS ISC InfoSec ForumsBrad Duncan
Recent Dridex activity
2020-09-07Github (pan-unit42)Brad Duncan
Collection of recent Dridex IOCs
Cutwail Dridex
2020-08-21Palo Alto Networks Unit 42Brad Duncan
Wireshark Tutorial: Decrypting HTTPS Traffic
Development of the Activity of the TA505 Cybercriminal Group
AndroMut Bart Clop Dridex FlawedAmmyy FlawedGrace Get2 Locky Marap QuantLoader SDBbot ServHelper tRat TrickBot
2020-08-09F5 LabsDebbie Walkowski, Remi Cohen
Banking Trojans: A Reference Guide to the Malware Family Tree
BackSwap Carberp Citadel DanaBot Dridex Dyre Emotet Gozi Kronos PandaBanker Ramnit Shylock SpyEye Tinba TrickBot Vawtrak Zeus
2020-08-03The DFIR Report
Dridex – From Word to Domain Dominance
2020-08-01Temple UniversityCARE
Critical Infrastructure Ransomware Attacks
CryptoLocker Cryptowall DoppelPaymer FriedEx Mailto Maze REvil Ryuk SamSam WannaCryptor
The Malware Dridex: Origins and Uses
Andromeda CryptoLocker Cutwail DoppelPaymer Dridex Emotet FriedEx Gameover P2P Gandcrab ISFB Murofet Necurs Predator The Thief Zeus
2020-06-24MorphisecArnold Osipov
Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
Dridex ISFB QakBot Zloader
Évolution De Lactivité du Groupe Cybercriminel TA505
Amadey AndroMut Bart Clop Dridex FlawedGrace Gandcrab Get2 GlobeImposter Jaff Locky Marap Philadephia Ransom QuantLoader Scarab Ransomware SDBbot ServHelper Silence tRat TrickBot
Dridex: the secret in a PostMessage()
2020-06-05VotiroVotiro’s Research Team
Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19
2020-05-31Medium walmartglobaltechJason Reaves, Joshua Platt
WastedLoader or DridexLoader?
Dridex WastedLocker
Dridex Banking Trojan Technical Analysis Report
INDICATEURS DE COMPROMISSION DU CERT-FR - Objet: Le code malveillant Dridex
Le Code Malveillant Dridex: Origines et Usages
2020-05-21Intel 471Intel 471
A brief history of TA505
AndroMut Bart Dridex FlawedAmmyy FlawedGrace Gandcrab Get2 GlobeImposter Jaff Kegotip Locky Necurs Philadephia Ransom Pony QuantLoader Rockloader SDBbot ServHelper Shifu Snatch TrickBot
2020-03-30IntezerMichael Kajiloti
Fantastic payloads and where we find them
Dridex Emotet ISFB TrickBot
2020-03-05MicrosoftMicrosoft Threat Protection Intelligence Team
Human-operated ransomware attacks: A preventable disaster
Dharma DoppelPaymer Dridex EternalPetya Gandcrab Hermes LockerGoga MegaCortex MimiKatz REvil RobinHood Ryuk SamSam TrickBot WannaCryptor PARINACOTA
2020 CrowdStrike Global Threat Report
MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelDridex DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot Vidar Winnti ANTHROPOID SPIDER APT23 APT31 APT39 APT40 BlackTech BuhTrap Charming Kitten CLOCKWORK SPIDER DOPPEL SPIDER FIN7 Gamaredon Group GOBLIN PANDA MONTY SPIDER MUSTANG PANDA NARWHAL SPIDER NOCTURNAL SPIDER PINCHY SPIDER SALTY SPIDER SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER VICEROY TIGER
2020-03-03PWC UKPWC UK
Cyber Threats 2019:A Year in Retrospect
KevDroid MESSAGETAP magecart AndroMut Cobalt Strike CobInt Crimson RAT DNSpionage Dridex Dtrack Emotet FlawedAmmyy FlawedGrace FriedEx Gandcrab Get2 GlobeImposter Grateful POS ISFB Kazuar LockerGoga Nokki QakBot Ramnit REvil Rifdoor RokRAT Ryuk shadowhammer ShadowPad Shifu Skipper StoneDrill Stuxnet TrickBot Winnti ZeroCleare APT41 MUSTANG PANDA Sea Turtle
2020-02-25RSA ConferenceJoel DeCapua
Feds Fighting Ransomware: How the FBI Investigates and How You Can Help
FastCash Cerber Defray Dharma FriedEx Gandcrab GlobeImposter Mamba Phobos Rapid Ransom REvil Ryuk SamSam Zeus
2020-02-25Bleeping ComputerLawrence Abrams
DoppelPaymer Ransomware Launches Site to Post Victim's Data
DoppelPaymer FriedEx
2020-02-18Sophos LabsLuca Nagy
Nearly a quarter of malware now communicates using TLS
Dridex IcedID TrickBot
2020-02-12McAfeeChristiaan Beek
CSI: Evidence Indicators for Targeted Ransomware Attacks – Part I
2020-01-31Virus BulletinMichal Poslušný, Peter Kálnai
Rich Headers: leveraging this mysterious artifact of the PE format
Dridex Exaramel Industroyer Neutrino RCS Sathurbot
État de la menace rançongiciel
Clop Dharma FriedEx Gandcrab LockerGoga Maze MegaCortex REvil RobinHood Ryuk SamSam
2020-01-17SecureworksKeita Yamazaki, Tamada Kiyotaka, You Nakatsuru
Is It Wrong to Try to Find APT Techniques in Ransomware Attack?
Defray Dharma FriedEx Gandcrab GlobeImposter Matrix Ransom MedusaLocker Phobos REvil Ryuk SamSam Scarab Ransomware
Dridex Empire Downloader FriedEx Koadic MimiKatz
DoppelPaymer Dridex Empire Downloader
2019-12-19KrebsOnSecurityBrian Krebs
Inside ‘Evil Corp,’ a $100M Cybercrime Menace
Dridex Gameover P2P Zeus Evil Corp
2019-12-05U.S. Department of the TreasuryU.S. Department of the Treasury
Treasury Sanctions Evil Corp, the Russia-Based Cybercriminal Group Behind Dridex Malware
2019-11-06BluelivBlueliv Team, Jose Miguel Esparza
Spanish consultancy Everis suffers BitPaymer ransomware attack: a brief analysis
2019-09-09McAfeeChintan Shah, Marc Rivero López, Thomas Roccia
Evolution of Malware Sandbox Evasion Tactics – A Retrospective Study
Cutwail Dridex Dyre Kovter Locky Phorpiex Simda
2019-08-13AdalogicsDavid Korczynski
The state of advanced code injections
Dridex Emotet Tinba
2019-07-12CrowdStrikeBex Hartley, Brett Stone-Gross, Sergei Frankoff
BitPaymer Source Code Fork: Meet DoppelPaymer Ransomware and Dridex 2.0
DoppelDridex DoppelPaymer Dridex FriedEx
The Rise of Dridex and the Role of ESPs
2019-04-15Trend MicroGilbert Sison, Ryan Maglaque
Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec
2018-12-18Trend MicroTrendmicro
URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader
Dridex Emotet FriedEx ISFB
2018-11-14CrowdStrikeBex Hartley, Sergei Frankoff
Big Game Hunting: The Evolution of INDRIK SPIDER From Dridex Wire Fraud to BitPaymer Targeted Ransomware
2018-09-11Sophos Naked SecurityMark Stockley
The Rise of Targeted Ransomware
Dharma FriedEx SamSam
2018-01-26ESET ResearchMichal Poslušný
FriedEx: BitPaymer ransomware the work of Dridex authors
Dridex FriedEx
2018-01-12ProofpointProofpoint Staff
Holiday lull? Not so much
Dridex Emotet GlobeImposter ISFB Necurs PandaBanker UrlZone NARWHAL SPIDER
2017-08-01Panda SecurityPanda Security
Malware Report: Dridex Version 4
2017-07-25Github (viql)Johannes Bader
Dridex Loot
2017-07-18ElasticAshkan Hosseini
Ten process injection techniques: A technical survey of common and trending process injection techniques
Cryakl CyberGate Dridex FinFisher RAT Locky
2017-05-25Kaspersky LabsNikita Slepogin
Dridex: A History of Evolution
Dridex Feodo
2017-05-15SecureworksCounter Threat Unit ResearchTeam
Evolution of the GOLD EVERGREEN Threat Group
CryptoLocker Dridex Dyre Gameover P2P Murofet TrickBot Zeus GOLD EVERGREEN
2017-02-28Security IntelligenceMagal Baz, Or Safran
Dridex’s Cold War: Enter AtomBombing
Dridex Banking Trojan Returns, Leverages New UAC Bypass Method
2016-02-16SymantecDick O'Brien
Dridex: Tidal waves of spam pushing dangerous financial Trojan
Talking to Dridex (part 0) – inside the dropper
Chasing cybercrime: network insights of Dyre and Dridex Trojan bankers
Dridex Dyre
Dridex: Chasing a botnet from the inside
2015-10-13SecureworksBrett Stone-Gross
Dridex (Bugat v5) Botnet Takeover Operation
Dridex Evil Corp

Credits: MISP Project