Dridex Banking Trojan Returns, Leverages New UAC Bypass Method
released on 2017-01-26 @ 09:37:12 PM
First observed in July 2014, “Dridex,” a banking Trojan, is considered the successor to the “GameOver ZeuS” (GoZ) malware. Dridex uses an improved version of GoZ’s peer-to-peer architecture to protect its command-and-control (C2) servers against detection by security researchers and law enforcement.
Dridex was most active between 2014 and 2015, and smaller campaigns were observed throughout 2016. On January 25, 2017, the criminal syndicate behind Dridex launched another small campaign targeting UK financial institutions.