Detection Engineering

MTA - Mike's Computer

Executive Summary

Impact

A user’s system has been infected with a malware family known as Dyreza, which can be used to do any of the following:

- Perform man-in-the-middle attacks via browser injections
- Monitor/take screenshots of browser activity
- Steal personal security certificates
- Steal online banking/login credentials
- Track the affected user’s location through STUN (Session Traversal Utilities for NAT)

This malware is most commonly used by criminals to steal bank credentials from individual users rather than attack large corporations.