September 29, 2015
The Dyreza Trojan long ago ceased its exclusive focus on stealing banking credentials, and has been blamed for its part in attacks against Salesforce.com customers, webhosts and registrars, online retailers and many more.
Researchers at Proofpoint today published new information that indicates the malware is now being used to phish credentials for the IT supply chain as well. As many as 20 organizations, including a handful of software companies supporting fulfillment and warehousing and another set of computer distributors, were listed in the malware’s configuration files.