Russian Cyber Attack Threat to Global Banking System

Uploaded on 2015-05-18 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

FS_Russian_Hackers_2.jpg

A security firm is warning that a group of Russian hackers known for targeting military, government and media organizations is now preparing to attack banks in the US and elsewhere.

The group's preparations have included new malware and registering domain names that are similar to those of the intended targets and were recently discovered by some analysts from the security firm Root9B.
The group has been active since at least 2007 and is known by various names including APT28 and Pawn Storm. Several security vendors believe it operates out of Russia and has possible ties to that country's intelligence agencies.
The group's primary malware tool is a backdoor program called Sednit or Sofacy that it delivers to victims through spear-phishing emails or drive-by downloads launched from compromised websites.
The Root9B analysts came across a phishing domain at the end of April that was similar to that of a Middle Eastern financial institution, according to a report published recently. When they dug deeper they uncovered new Sofacy malware samples and servers and domains that were being set up by the group for an upcoming operation.
The company has alerted the financial institutions, as well as international and US authorities. It's not clear if the attacks have started yet, but the Root9B analysts believe that when they do, they will likely include spear-phishing.
The company released hashes for the new malware samples it has identified and the IP address of a command-and-control server set up by the attackers, so that companies can block them on their networks.

Based on the evidence they've seen, the Root9B analysts believe that there might be two subgroups within APT28: One that targets military and government organizations and one that targets financial institutions and banks. Of course, the attackers might now decide to delay the operation in order to change their infrastructure and targets. So, financial institutions should remain vigilant and should examine all email messages for possible spear-phishing attempts.


Computerworld

 

« Google Says Self-Driving Cars Drive Better Than You
Fast Growing Companies Use CIOs Technology Strategy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

C3IA Solutions

C3IA Solutions

C3IA Solutions is an NCSC-certified Cyber Consultancy providing assured, tailored advice to keep your information secure and data protected.

Thycotic

Thycotic

Thycotic prevents cyber attacks by securing passwords, protecting endpoints and controlling application access.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

Minerva Labs

Minerva Labs

Minerva’s patent pending solution keeps malware in a constant sleep state before it can infiltrate your network and cause any damage.

Global Station for Big Data & Cybersecurity (GSB)

Global Station for Big Data & Cybersecurity (GSB)

GSB is an interdisciplinary research hub to cover big data, information networks, and cybersecurity.

CyberPoint

CyberPoint

CyberPoint delivers innovative, leading-edge cyber security products, solutions, and services to customers worldwide.

Bolton Labs

Bolton Labs

Bolton Labs is a leading provider cybersecurity services, tools, and analysis for MSPs and organizations who want to scale their security offerings.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

White Cloud Security

White Cloud Security

White Cloud is a cloud-based Application Trust-Listing security service that prevents unauthorized programs from running on your computers.

DataFleets

DataFleets

DataFleets is a privacy-preserving data engine that unifies distributed data for rapid access, agile analytics, and automated compliance.

Cyber Lockout

Cyber Lockout

Comprehensive ransomware insurance and preventative cybersecurity technology solution, working together to help protect businesses 24/7/365.

BalkanID

BalkanID

BalkanID is an Identity governance solution that leverages data science to provide visibility into your SaaS & public cloud entitlement sprawl.

Womble Bond Dickinson

Womble Bond Dickinson

Womble Bond Dickinson is a transatlantic law firm, providing high-quality legal experience and outstanding personal service from key locations across the United Kingdom and United States.

Cisilion

Cisilion

Cisilion's mission is simple – to transform and connect business with next-generation IT infrastructure. Our expertise includes enterprise networking, security, data centre & cloud, managed services.

Arsen Cybersecurity

Arsen Cybersecurity

Arsen is a French cybersecurity startup, dedicated to enhancing human behaviors in cybersecurity.

Corinium Global Intelligence

Corinium Global Intelligence

At Corinium, we have been bringing together the brightest minds in data, AI and info sec since 2013, to innovate at the intersection of technological advancements and critical thinking.