Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Advertising and Sponsorship
    • Profile & Readership
    • Contact Us
    • Latest News
    • Privacy & Cookies Policies
    • Terms of Use
    • Advertising Terms
    • Issue 81
    • Issue 80
    • Issue 79
    • Issue 78
    • Issue 77
    • Issue 76
    • Issue 75
    • Issue 74
    • Issue 73
    • Issue 72
    • Issue 71
    • Issue 70
    • View All
    • About the Awards
    • Awards Timetable
    • Awards Winners
    • Submit Nominations
    • Testimonials
    • Media Room
    • FAQ
    • Asset Management Awards
    • Brand of the Year Awards
    • Business Awards
    • Cash Management Banking Awards
    • Banking Technology Awards
    • CEO Awards
    • Customer Service Awards
    • CSR Awards
    • Deal of the Year Awards
    • Corporate Governance Awards
    • Corporate Banking Awards
    • Digital Transformation Awards
    • Fintech Awards
    • Education & Training Awards
    • ESG & Sustainability Awards
    • ESG Awards
    • Forex Banking Awards
    • Innovation Awards
    • Insurance & Takaful Awards
    • Investment Banking Awards
    • Investor Relations Awards
    • Leadership Awards
    • Islamic Banking Awards
    • Real Estate Awards
    • Project Finance Awards
    • Process & Product Awards
    • Telecommunication Awards
    • HR & Recruitment Awards
    • Trade Finance Awards
    • The Next 100 Global Awards
    • Wealth Management Awards
    • Travel Awards
    • Years of Excellence Awards
    • Publishing Principles
    • Ownership & Funding
    • Corrections Policy
    • Editorial Code of Ethics
    • Diversity & Inclusion Policy
    • Fact Checking Policy
    Original content: Global Banking and Finance Review - https://www.globalbankingandfinance.com

    A global financial intelligence and recognition platform delivering authoritative insights, data-driven analysis, and institutional benchmarking across Banking, Capital Markets, Investment, Technology, and Financial Infrastructure.

    Copyright © 2010-2026 - All Rights Reserved. | Sitemap | Tags

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    1. Home
    2. >Technology
    3. >DEALING WITH DRIDEX – PROTECTING END-USERS FROM NEW STRAINS OF MALWARE
    Technology

    Dealing With Dridex – Protecting End-Users From New Strains of Malware

    Published by Gbaf News

    Posted on December 1, 2015

    4 min read

    Last updated: January 22, 2026

    Add as preferred source on Google
    This image highlights the dangers of Dridex malware in the banking sector, illustrating how new strains of malware threaten end-users' security and financial safety.
    Illustration of malware threats like Dridex affecting banking security - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Paul Dignan, Systems Engineer, F5 Networks

    Last month, criminals used new strains of malware to steal £20 million from UK banking customers, highlighting the dangers of such viruses in a very high-profile way. The use of Dridex malware to infect customer machines, steal login credentials and subsequently steal significant sums from customer accounts shows how these incidents can directly impact end-users. As these types of attack become increasingly common, traditional defences need to be rethought, as concerns amplify over whether they can protect users sufficiently.

    Evolving techniques

    Of course, best practices should still be adhered to; users should always maintain strong passwords and avoid opening email attachments from unknown sources, but infection techniques are much more sophisticated in the current cybersecurity landscape. Hackers are using techniques such as drive-by infection (auto downloads from websites without the user authorisation) and watering hole attacks (compromising high use websites with malware), meaning that devices can get infected without the user necessarily facilitating the compromise.

    As a malware strain, Dridex is fairly well known and, as such, is reasonably easy to detect. Other strains, such as Dyre and Tinba, are significantly more difficult to detect. In addition, with source code for many malware types being released to the hacking community, we are now seeing upsurges in strains that had previously been mitigated. These are modified versions of the original with potentially differing signatures that will defeat traditional signature based solutions.

    Mitigating malware

    How then have financial organisations sought to deal with these types of risks? Many have invested in sophisticated anti-fraud systems that track transactions and use complex analysis to identify potentially fraudulent activity. This is all well and good, but does not consider defence against compromise of the endpoint device. Many financial organisations have solutions for this too, but in general these require client software to be installed on the end user device. This presents a problem, as customer take-up of these components is usually low. Despite the banks not mandating that these software components must be used, there have been high profile cases where the customers have been penalised for neglecting to use them. This demonstrates that there is often a gap in the protection being provided.

    It’s all about the app

    How then can organisations best protect the customers against their own devices?  We have established that the end-point device is a challenge, but what about the data centre? Applications are not necessarily the right place to apply security controls, because typically application developers are not security specialists and conversely, security specialists tend not to be application specialists, thus causing a disconnect. However, the real challenge is that attacks from the malware will typically be at application level; these can take the form of automated transactions, piggy-backing sessions and much more, so the protection needs to be capable of detecting these attacks. Ideally then, the protection needs to be applied without needing to update the applications and without updating the client. For this aim to be realised, protection in flow is required, as the traffic traverses from the application to client and vice versa. If this can be achieved and changes to application traffic can be detected, reported and ultimately mitigated then the impact that malware brings to the customer can be reduced. In addition, malware tends to capture credentials from the browser – prior to it being encrypted for transport via Secure Socket Layer (SSL). These credentials are then sent to the hacker’s command and control centre for them to re-use. Therefore, a solution with an ability to encrypt the credentials before the malware can access them stands the best chance of alleviating the problem.

    Whilst the threat landscape is relentlessly evolving, the recommendations remain relatively constant: apply as much security as possible. In the case of modern malware attacks, however, making security measures as easy to apply as possible, and not relying solely on the customer, hold the keys to improving the situation.

    More from Technology

    Explore more articles in the Technology category

    Image for Nominations Open for Technology Awards 2026
    Nominations Open for Technology Awards 2026
    Image for Nominations Open for Innovation Awards 2026
    Nominations Open for Innovation Awards 2026
    Image for Archie earns industry recognition across G2, Capterra, and SoftwareReviews
    Archie Earns Industry Recognition Across G2, Capterra, and SoftwareReviews
    Image for The Bankaool Transformation: How a Regional Mexican Bank Became a Fintech Disruptor
    The Bankaool Transformation: How a Regional Mexican Bank Became a FinTech Disruptor
    Image for Submit Your Entry Today for Digital Banking Awards 2026
    Submit Your Entry Today for Digital Banking Awards 2026
    Image for Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Image for Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Image for Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Image for Entrepreneurial Discipline in the AI Economy: Insights from Dmytro Lavryniuk
    Entrepreneurial Discipline in the AI Economy: Insights From Dmytro Lavryniuk
    Image for Entries Now Open for Best New Digital Wallet Innovation Award 2026
    Entries Now Open for Best New Digital Wallet Innovation Award 2026
    Image for Call for Entries: Best Digital Wallet 2026
    Call for Entries: Best Digital Wallet 2026
    Image for Nominations Open for Brand of the Year Technology 2026
    Nominations Open for Brand of the Year Technology 2026
    View All Technology Posts
    Previous Technology PostThe 1st Vietnamese Enterprise to Receive International Award for Data Management
    Next Technology PostThree Approaches for Improving Data Security in the Financial Services Sector