Russian hackers targeting US banks

Discussion in 'Forum for discussion of ANTICHAT' started by K800, 15 May 2015.

  1. K800

    K800 Nobody's Fool

    Joined:
    25 Dec 2010
    Messages:
    2,156
    Likes Received:
    4,080
    Reputations:
    378
    Security firm Root9B is reporting that the Russian hacking group, known as APT28 or Pawn Storm, are writing new malware, registering domain names similar to those of intended targets, and setting up command-and-control servers.

    [​IMG]

    Several security vendors believe it operates out of Russia and has possible ties to that country’s intelligence agencies.

    The group’s primary malware tool is a backdoor program called Sednit or Sofacy that it delivers to victims through spear-phishing emails or drive-by downloads launched from compromised websites.

    The group appears to be targeting Commercial Bank International in the UAE, Bank of America, TD Canada Trust, the United Nations Childrens Fund (UNICEF), United Bank for Africa, Regions Bank, and possibly Commerzbank.

    It is thought that the group will employ spear-phishing as their main method of delivery.

    Root9B analysts believe that there might be two subgroups within APT28: One that targets military and government organizations and one that targets financial institutions and banks.

    The IP address of a command-and-control server set up by the attackers has been published so that banks and other financial companies can block them on their networks.

    Source: CIO.com

     
    #1 K800, 15 May 2015
    Last edited: 15 May 2015
Loading...