Carbanak cyber-thieves’ newest attacks exposed

The infamous Carbanak group is again doing what it does best: attacking and compromising financial institutions, and trying to steal as much money as possible from them by taking advantage of their victims’ payment processing networks, ATM networks and transaction systems. Carbanak became a well-known name in February 2015, when Kaspersky Lab researchers shared what they knew about this gang, which has been operating since late 2013 and has stolen hundreds of millions of dollars … More

The return of Carbanak: Banks face new attacks

A year after Kaspersky Lab warned that cyber-criminals would start to adopt the tools and tactics of nation-state backed APTs in order to rob banks, the company has confirmed the return of Carbanak as Carbanak 2.0 and uncovered two more groups working in the same style: Metel and GCMAN. They attack financial organizations using covert APT-style reconnaissance and customized malware along with legitimate software and new, innovative schemes to cash out. The Metel cyber-criminal group … More

Carbanak APT still targeting high-value financial institutions and casinos

The Anunak / Carbanak hacking group continues to target banks, but is also now hitting Forex-trading companies, casinos, and other institutions from which it can steal large amounts of money or (mis)usable payment card information. The group, whose techniques and goals were first revealed by Group-IB and Fox-IT in late 2014, and then by Kaspersky Lab researchers in February 2015, is a rare breed: an APT group that’s unlikely to be state-sponsored, and one that is … More

Carbanak cyber gang stole hundreds of millions from banks

Since late 2013, an international cyber criminal group has been targeting banks around the world and has made off with $300 million – possibly even more – by compromising the banks’ systems with malware and using the information gleaned via it to their advantage, Kaspersky Lab has revealed to the NYT. The gang, which includes Russian, Chinese and European individuals, continues to operate to this day and, according to the company’s research, they are not … More

Threats financial organizations will face in 2019

What type of threats will financial services and banking organizations face in 2019? According to IntSights Cyber Intelligence, they should be prepared for breaches effected through compromise of established vendor software or SaaS products, and vulnerable third-party, open source software implemented in the applications they use. Also: extortion attempts. “Regulation fines and brand reputation damage can be way more costly than downtime or lost data. Given the large fines for GDPR laws and massive data … More

Week in review: Hacking intelligent buildings, trust in critical systems under attack

Here’s an overview of some of last week’s most interesting news and articles:

The current state of USB data protection
The vast majority of employees rely on USB devices. In fact, nine out of 10 employees rely on USB devices today and 69 percent of respondents maintain that USB drives increase workplace productivity.

Macro-less word document attacks on the rise
Total malware attacks are up by 33 percent and cyber criminals are increasingly leveraging Microsoft … More

Gang leader behind malware attacks targeting 100 financial institutions arrested in Spain

The leader of the crime gang behind the Carbanak and Cobalt malware attacks targeting over 100 financial institutions worldwide has been arrested in Alicante, Spain, after a complex investigation conducted by the Spanish National Police, with the support of Europol, the US FBI, the Romanian, Belarussian and Taiwanese authorities and private cyber security companies. Since 2013, the cybercrime gang have attempted to attack banks, e-payment systems and financial institutions using pieces of malware they … More

ATM hackers switch to network-based attacks

More and more attacks against ATMs are network-based, Trend Micro researchers have found. Since the discovery of the first ATM malware back in 2009, criminals have concentrated on opening the ATM’s case and accessing the machine’s internals to boot the malware up from an external USB or CD. But lately, as banks have ramped up efforts to protect the machines from physical attacks, criminals have begun switching infection vectors. “Network infections require more work and … More

US restaurants targeted with fileless malware

Morphisec researchers have spotted another attack campaign using fileless malware that is believed to be mounted by the infamous FIN7 hacking group. The goal of the campaign is to gain control of the target businesses’ systems, install a backdoor, and through it perform continual exfiltration of financial information. “Like past attacks, the initial infection vector is a malicious Word document attached to a phishing email that is well-tailored to the targeted business and its day-to-day … More

Clever spear-phishing emails hit employees involved in SEC filings

FireEye has flagged a sophisticated spear-phishing campaign hitting US-based businesses with emails purportedly coming from the US Securities and Exchange Commission (SEC). The emails look like they’ve been sent by a SEC employee, address the recipients by name, and urge them to download a Word document containing important changes regarding Form 10-K, an annual financial performance report required by the organization.

The malware
The malicious attachment drops two PowerShell backdoors. One is fileless and resides … More