Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 19:13:25 UTC

Tool: Dridex

Names: Dridex, Bugat v5
Category: Malware
Type: Banking trojan, Credential stealer, Worm

Description:

OxCERT blog describes Dridex as 'an evasive, information-stealing malware variant; its goal is to acquire as many credentials as possible and return them via an encrypted tunnel to a Command-and-Control (C&C) server. These C&C servers are numerous and scattered all over the Internet, if the malware cannot reach one server it will try another. For this reason, network-based measures such as blocking the C&C IPs is effective only in the short-term.'

According to MalwareBytes, 'Dridex uses an older tactic of infection by attaching a Word document that utilizes macros to install malware. However, once new versions of Microsoft Office came out and users generally updated, such a threat subsided because it was no longer simple to infect a user with this method.'

IBM X-Force discovered 'a new version of the Dridex banking Trojan that takes advantage of a code injection technique called AtomBombing to infect systems. AtomBombing is a technique for injecting malicious code into the 'atom tables' that almost all versions of Windows uses to store certain application data. It is a variation of typical code injection attacks that take advantage of input validation errors to insert and to execute malicious code in a legitimate process or application. Dridex v4 is the first malware that uses the AtomBombing process to try and infect systems.'
Information: MITRE ATT&CK, Malpedia
Last change to this tool card: 15 February 2023

All groups using tool Dridex

APT groups:
Indrik Spider (observed: 2007-Oct 2024)
TA505, Graceful Spider, Gold Evergreen (observed: 2006-Nov 2022)
TA530 (country: [Unknown]; observed: 2016-Nov 2016)

3 groups listed (3 APT, 0 other, 0 unknown)

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=be7578fe-e99f-4c53-bac4-db27ddbe2d2b