News

Hacker group successfully carried out 16 attacks on small banks in America

By admin
Spread the love

Security firm Group IB has published a report on a hacker group targeting primarily small US banks, in addition to targets in Russia and the UK. Over a period of 1.5 years, at least twenty attacks took place, the company claims.

The company has renamed the group MoneyTaker. In a more extensive report, Group IB describes how the group typically stole internal bank documentation in its hacks, probably to prepare for future attacks. In addition, the criminals were able to steal money, in the sixteen successful attacks on American targets, the damage averaged half a million dollars. In three attacks on Russian targets, that amounted to an average of 1.2 million dollars.

The hacker group used various techniques to penetrate the banking networks. For example, MoneyTaker used self-written tools, but also open source software such as Meterpreter and Metasploit. To disguise network traffic between infected systems and the command-and-control servers, the attackers themselves created signed digital certificates with the names of well-known companies such as Microsoft and Yahoo. The security company writes that in one case it was able to determine how the attackers first gained access to the network. They did this by taking over the home PC of an IT administrator.

In addition, the group used techniques to ensure that their methods did not fall into the ‘wrong’ hands. For example, by using ‘fileless’ malware that is only present in the memory of an infected system. In this way, it can be removed after use without leaving many traces. Also, the attackers’ server only distributed payloads to targets that appeared on a predefined list. The group replaced its attack infrastructure after each successful attack, the security firm said.

One of the researchers tells Bloomberg that the attackers mainly targeted small banks because they were relatively easy to penetrate due to lack of security means. The attacks mainly targeted payment card transaction processing systems. This allowed the attackers to create cards with which so-called money mules, or money mules, could withdraw money.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

EU Council determines position on security requirements for digital products

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Citrix warns of critical vulnerability in NetScaler ADC and Gateway

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin