Signature Detail

Short Name	TROJAN:DYRE
Severity	High
Recommended	Yes
Recommended Action	Drop
Category	TROJAN
Keywords	trojan RAT remote access Dyre
Release Date	2014/06/20
Update Number	2392
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

TROJAN: Dyre Remote Access Activity

This signature detects the Dyre Remote Access Trojan. Dyre is a trojan that is known to spread through the cloud storage service Dropbox and targets banking information on the infected host. A detection on this signature indicates that the source IP is most likely compromised and should be investigated.

References

URL: http://phishme.com/project-dyre-new-rat-slurps-bank-credentials-bypasses-ssl/

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

TROJAN: Dyre Remote Access Activity

References