February 18, 2016
Tidal waves of spam are fuelling the growth of the Dridex Trojan, which has emerged as one of the most dangerous financial threats over the past year. The sheer size of the spam campaigns spreading Dridex (detected by Symantec as W32.Cridex) can sometimes overwhelm organizations hit by them.
Symantec analysis of recent Dridex spam campaigns found that they are operating on a vast scale, with millions of new emails being sent out on a daily basis. The attackers behind Dridex are disciplined and professional. They operate on a standard working week, continually refine the malware, and put significant effort into disguising their spam campaigns as legitimate emails.
At least 145 Dridex spam campaigns were observed during one sample 10-week period. The average number of emails blocked by Symantec per campaign was 271,019, indicating that the total number of emails being sent every day runs to millions.