DyePack Malware

DyePack, namely Hacktool.APT.DYEPACK, has been around since 2015. I assume Eset has a signature/detection for it. To 100% verify this, a hash value would be needed.

This malware is directed toward SWIFT-based operations at financial institutions. Also believe most of the targets were within France.

Here's a reference to a targeted SWIFT attack against Bank of Bangladesh: https://www.theregister.co.uk/2016/04/25/bangladeshi_malware_screwed_swift/ .

Here's a detailed technical analysis of the incident: https://baesystemsai.blogspot.com/2016/04/two-bytes-to-951m.html . Of note:


We believe all files were created by the same actor(s), but the main focus of the report will be on 525a8e3ae4e3df8c9c61f2a49e38541d196e9228 as this is the component that contains logic for interacting with the SWIFT software.

Eset detects the malware associated with the above hash value.

Edited by itman

This topic is now closed to further replies.