Skip to content

Peering into Dyre's Traffic

Author

Sergei Shevchenko

Published

07 November 2015

Dyre (also known as Dyreza) is a banking trojan that has got quite a bit attention over the last few months. Nevertheless, it's always interesting to re-visit a known threat to see what has changed.

Dyre (also known as Dyreza) is a banking trojan that has got quite a bit attention over the last few months. Nevertheless, it's always interesting to re-visit a known threat to see what has changed.

This post provides an insight into the traffic encryption used by Dyre and what additional components it relies on. The provided source code allows decryption of downloaded Dyre configurations and plugins from the known C&C hosts.

But let's start from the dropper...

Read this post in full and explore our technical Threat Research Blog.

Related stories

Showing 340 results

Hunter class frigate Units 10 and 16 in Building 22.

Hunter class frigate Units 10 and 16 in Building 22.

22 October 2025 INSIGHT

Building momentum: Over half of the first Hunter class frigate is now in production

Fifteen months ago, we cut steel for the Royal Australian Navy’s first Hunter class frigate at Osborne Naval Shipyard. Since then, the pace and scale of progress has been remarkable.

16 October 2025 INSIGHT

Mitigating malicious insider threats in the Space domain

We outline some of the frameworks that Space organisations can use to identify and mitigate against the insider threat

Photograph of Sami Istephan

14 October 2025 INSIGHT

Meet the Vice President of Global Alliances: Sami Istephan

Insights into the secrets and challenges of building effective business partnerships

Abstract image of submarine starting to dive underwater

09 October 2025 INSIGHT

Unlocking new opportunities in subsea intelligence

Ocean Infinity’s Commercial Director, Alex Fox, discusses the evolution of the subsea domain and how collaboration at an industry and national level can deliver operational advantage

T-150 on exercise in South Korea

07 October 2025 INSIGHT

Royal Navy and US Army show how T-150 could deliver supplies to the frontline

700X Naval Air Squadron tested a Malloy T-150 in a joint event hosted by the US Army’s Eighth Army while in South Korea.

Key considerations ahead of the UK’s new Cyber Security and Resilience Bill

30 September 2025 INSIGHT

Key considerations ahead of the UK’s new Cyber Security and Resilience Bill

Set to come into enforcement in 2026, the upcoming CSRB expands significantly on existing NIS regulations. Here’s what organisations need to be aware of.

18 September 2025 INSIGHT

Evaluating the threat of malicious insiders on space supply chains

Given the current climate of geopolitical tension and uncertainty, combined with the influence of the space sector to defence and national security, space is a prominent target for malicious insiders. In our latest blog, we evaluate the Insider Threat to space innovation and supply chains.

11 September 2025 INSIGHT

Chronic risk in a digital age

What does the UK Government’s new analysis on the current risk landscape mean for cyber security resilience?

09 September 2025 INSIGHT

Crewed and uncrewed aircraft come together for synthetic demonstration

BAE Systems and QinetiQ have successfully completed synthetic trials to show how uncrewed aircraft can operate alongside existing crewed aircraft like Typhoon to provide a more cost-effective and flexible concentration of combat air power.

Get in touch

Sergei Shevchenko

Cyber Research