Cridex is a sophisticated strain of banking malware that can steal banking credentials and other personal information on an infected system in order to gain access to the financial records of a user.
The Cridex Trojan Horse spreads by copying itself to mapped and removable drives on infected computers. Cridex creates a backdoor entry point on infected systems, enabling the possibility for additional malware to be downloaded and run as well as conduct operations such as opening rogue websites.
This latter capability enables Cridex to capture the banking credentials of users on an infected system when the user attempts to visit and log into a financial web site. Cridex will surreptitiously redirect the user to a fraudulent version of the financial site and record the login credentials as they are entered.
At that point, Cridex gives the cybercriminal the ability to connect to the actual financial site from the infected system and execute fraudulent financial transactions.
Cridex’s Evolution from the GameOver Zeus Malware
Cridex was first discovered and identified in January 2012, and subsequent variants have also been referred to as Bugat and Feodo. The Cridex Trojan itself features many aspects of the GameOver Zeus (GOZ) malware, evolving from the GOZ malware as a way of conducting fraudulent financial transactions.
A new form of malware based on Cridex, known as Dridex, emerged in late 2014 and quickly spread via a spam e-mail campaign that initially generated 15,000 e-mails pet day.
Also see The Difference Between a Virus, Worm and Trojan Horse in the Did You Know? section of Webopedia.