DyePack Malware

DyePack, namely Hacktool.APT.DYEPACK, has been around since 2015. I assume Eset has a signature/detection for it. To 100% verify this, a hash value would be needed.

This malware is directed toward SWIFT-based operations at financial institutions. I also believe most of the targets were within France.

Here's a reference to a targeted SWIFT attack against Bank of Bangladesh: https://www.theregister.co.uk/2016/04/25/bangladeshi_malware_screwed_swift/ .

Here's a detailed technical analysis of the incident: https://baesystemsai.blogspot.com/2016/04/two-bytes-to-951m.html . Of note:


We believe all files were created by the same actor(s), but the main focus of the report will be on 525a8e3ae4e3df8c9c61f2a49e38541d196e9228 as this is the component that contains logic for interacting with the SWIFT software.

Eset detects the malware associated with the above hash value.

Edited by itman
