September 15, 2015
UK government agencies and banks feature prominently on a ‘hitlist’ of 385 million email addresses that has been used by cyber-criminals to spread the Dridex banking Trojan.
News of the attack has just emerged, after Fujitsu first discovered the target list in March. Since then, it has been working behind-the-scenes with CERT UK to trace and shut down the server involved.
Rob Norris, Fujitsu’s UK enterprise and cyber-security director, confirmed to SCMagazineUK.com this week that it found the 385 million email addresses on a server hosted in Russia as part of its activity tracking Dridex over the past few months. In that time, Fujitsu has seen as many as 12 different Dridex phishing campaigns in one day.
“The attack vector is huge for these cyber-criminals and they have a big user list to aim at,” Norris told us via email. “A high number of email addresses were recently found within Government agencies and we have worked with the Government to get those servers closed down.”