#Dridex doesn't appreciate your research

This time targeting researchers using TOR for anonymous research, i don't think its in the interests of these actors to destroy the victims drives unless they are a target. Its an assumption that only those using TOR for inspection of Dridex campaigns are being targeted.

I noticed when analysing a recent sample, on Window XP that it destroyed the MBR and this seems to tally up with Lexsi research and the comments on Malekai's forum.

With the significant growth into Europe, Spain & France particularly being affected, this menace proves its capabilities with a sting in its tail.

Dridex code analysis