Users tricked by spam messages to open malicious Word documents that distribute the Dridex online banking Trojan might have a pleasant surprise: They’ll get a free anitivirus program instead.

That’s because an unknown person — possibly a white-hat hacker — gained access to some of the servers that cybercriminals use to distribute the Dridex Trojan and replaced the malware with an installer for Avira Free Antivirus.

Dridex is one of the three most widely used computer Trojans that target online banking users. Last year, law enforcement authorities from the U.S. and U.K. attempted to disrupt the botnet and indicted a man from Moldova who is believed to be responsible for some of the attacks.

To read this article in full or to leave a comment, please click here