Researchers at PhishMe uncovered a new malware threat dubbed \u201cDyre\u201d about a month ago. Now, a new blog post from PhishMe provides intricate details about a new variation on Dyre that provide a look at the potential source and impact of the threat. Dyre is a RAT (root access Trojan). Dyre is part of a new generation of phishing scams that make use of cloud-based file sharing services like Dropbox or LogMeIn\u2019s Cubby. The phishing attack distributes links via email to lure unsuspecting users into downloading the malicious file from the file sharing service. Once it is executed, Dyre phones home to designated IP addresses to download additional malicious tools, and attempts to intercept and compromise banking credentials and other sensitive data. The new attack has been called \u201cSlava Ukraini\u201d. The phrase, which translates to \u201cGlory to Ukraine\u201d, is embedded in the code of the new variant. PhishMe researchers were able to access the associated Google Analytics account for the malware, revealing information about just how many potential victims have clicked on the link, as well as which browsers have been used, and which countries the victims are in. The phrase \u201cSlava Ukrainin\u201d would seem to suggest that the malware is authored by someone in the Ukraine. However, that is merely an assumption. It could be written by malware developers sympathetic to the Ukrainian cause, or even perhaps by Russian loyalists in an attempt to obfuscate its true source and lay the blame on Ukraine. What is most concerning about Slava Ukraini is the apparently low rate of detection by antimalware defenses. According to PhishMe, one component is detected by only 12 out of 53 AV vendors, and other elements are detected by only 10 and 11 AV vendors respectively. Hopefully users have enough common sense not to click on suspicious links or download and execute unknown files, but for those who lack that common sense it doesn\u2019t bode well that only 20 percent of the AV vendors provide adequate protection against the underlying malware.