Dyre is a virus. It is capable of hijacking all three major web browsers and intercepting internet banking sessions in order to harvest the victim’s credentials and send them to the attackers.

It also downloads additional malware on to the victim’s computer. In many cases, the victim is added to a botnet which is then used to send out thousands of spam emails in order to spread the threat further.

Dyre is capable of attacking the three most commonly used Windows web browsers (Internet Explorer, Chrome, and Firefox) in order to steal credentials. It uses a number of different man-in-the-browser (MITB) attack techniques to do this. One MITB technique involves the malware checking the URL of every web page visited by the victim to see if it is one of those listed in its configuration files. If there is a match, it will then redirect the victim to a malicious server. If the server is configured to hijack the web page, it sends the victim to a fake web page which looks very similar to the genuine one. This page will then harvest any credentials that the victim enters before redirecting them to the genuine web page in order to avoid raising suspicion.

Community content is available under CC-BY-SA unless otherwise noted.