Kaspersky Lab detects attacks on Armenian, Russian banks

A new Russian hacking group operating under the name of Silence has hit at least ten banks across the world with a piece of malware that opens up access to infected computers to compromise banking networks, Finextra reported.

Kaspersky Lab’s researchers say that Silence joins the ranks of the most devastating and complex cyber-robbery operations like Metel, GCMAN and Carbanak, which have succeeded in stealing millions of dollars from financial organizations.

Kaspersky says the Silence Trojan has so far been detected in the internal infrastructure of at least ten banks in multiple countries, including Russia, Armenia and Malaysia.

The Silence Trojan compromises user PCs via spear phishing emails, dropping a malicious payload that is capable of monitoring its victim’s activities, including taking multiple screenshots of the day-to-day workload and providing a real-time video stream of user interactions. In this way, the criminals gain persistent access to internal banking networks for a long period, biding their time until they have gained the necessary knowledge and credentials to undertake a heist.

The criminals also exploit the infrastructure of already infected financial institutions for new attacks, by sending emails from real employee addresses to a new victim, along with a request to open a bank account.

Show More
Back to top button