The sophisticated fraud scheme is believed to be run by a well-funded Eastern European gang of cyber criminals.
Dyre is programmed to monitor hundreds of bank websites and once the infected victim tries to log in to one of them, a fake screen will appear instead of the corporate banking site.
The page will explain the site is down or under maintenance and that the user should call a certain number to get help logging in.
The cybercrime gang uses a combination of phishing, malware and phone calls to target companies.
Once the victim hangs up the phone, the wire transfer is complete and the money transfer begins from foreign bank to foreign bank to avoid detection by the bank and law enforcement.
IBM Security vice president Caleb Barlow said that the scheme looks unique due to the use of a live phone operator.
In order to overcome the fraud scheme, IBM Security recommends organisations to train employees on security best practices and provide regular reminders to employees on phishing and spam campaigns.
Employees in charge of corporate banking also need to be trained to never provide banking credentials to anyone as banks will never ask for such information.
Dyre, which was used in wide-stroke attacks for 2014, has moved into a more brazen stage of attacking corporate accounts currently through the incorporation of skilled social engineering schemes.
According to IBM, the only way to prevent these types of cyber attacks is by avoiding clicking of suspicious attachments or links.
Image: Once the infected victim tries to log in to any website, a new screen will appear instead of the corporate banking site. Photo: courtesy of hyena reality/ FreeDigitalPhotos.net
