DyePack Malware

[hamed_masoomi67 0]

Hello

i wanna to know about Dye pack malware.there is any solution for this apt38 malware

url for description of Dye pack : https://brica.de/alerts/alert/public/1232042/malware-used-by-apt38/

 

best regards

[itman 1,659]

DyePack namely Hacktool.APT.DYEPACK has been around since 2015. I assume Eset has a signature/detection for it. To 100% verify this, a hash value would be needed.

This malware is directed toward SWIFT based operations at financial institutions. Also believe most of the targets were within France.

[itman 1,659]

Here's a reference to a targeted SWIFT attack against Bank of Bangladesh: https://www.theregister.co.uk/2016/04/25/bangladeshi_malware_screwed_swift/ .

Here's a detailed technical analysis of the incident: https://baesystemsai.blogspot.com/2016/04/two-bytes-to-951m.html . Of note:

Quote

We believe all files were created by the same actor(s), but the main focus of the report will be on 525a8e3ae4e3df8c9c61f2a49e38541d196e9228 as this is the component that contains logic for interacting with the SWIFT software.

Eset detects the malware associated with the above hash value.

Edited December 1, 2018 by itman

[hamed_masoomi67 0]

Hello 

Thanks for your answer.

best regards