Banks Lose Tens Of Millions Of Dollars In Hollywood-style Hacks

Uploaded on 2018-12-17 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Cyber-criminal gangs are believed to have stolen tens of millions of dollars from at least eight banks in Eastern Europe using tactics usually seen only in Hollywood movies.

These "hacks" consisted of cyber-criminals entering bank offices to inspect and then leave malicious devices connected to the bank's network.

Russian cybersecurity firm Kaspersky Lab, which was called to investigate some of these mysterious cyber-heists, says it found three types of devices at central or regional offices at the eight banks it reviewed.

These included cheap laptops, Raspberry Pi boards, or malicious USB thumb drives known as Bash Bunnies.

Kaspersky said hackers left these devices connected to a bank network or computer, and then connected to the rogue device from a remote location using a GPRS, 3G, or LTE modem.

Hackers used this access to scan local networks for publicly shared folders, but also for web servers or any other computer with open access.

At the last stage of their attacks, attackers left malware on the bank's network, which they later used to orchestrate cyber-heists during which they stole funds from the banks' accounts.

Kaspersky experts said these hacks, which the company has been tracking under the codename of "DarkVishnya," have happened throughout 2017 and 2018, but declined to name the breached banks, due to privacy clauses in incident response contracts.

"Even in companies where security issues are taken seriously, planting such a device is not impossible," said Nikolay Pankov of Kaskerpsky Lab. "Couriers, job seekers, and representatives of clients and partners are commonly allowed into offices, so malefactors can try to impersonate any of them."

While a laptop would have been spotted more easily, the other two devices, the Raspberry Pi and Bash Bunnies, are small and easy to hide. They only require a USB connection and were easy to sneak between a computer's cables or under desks.

ZDNet:

You Might Also Read:

Financial Sector Breaches Soar Despite Heavy Security Spending

« IoT Cybercrime Hotspot In Canada
NCSC Aims To Inspire Young Female Code-Breakers »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

D-RisQ

D-RisQ

D-RisQ is focussed on delivering techniques to reduce the development costs of complex systems and software whilst maximising compliance

Civica

Civica

Civica provides cloud-based managed IT services, hosting and outsourcing.

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

ControlCase

ControlCase

ControlCase provide solutions that address all aspects of IT-GRCM (Governance, Risk Management and Compliance Management).

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

NSW Cyber Security Innovation Node

NSW Cyber Security Innovation Node

NSW Cyber Security Innovation Node is part of a national network designed to foster and accelerate cyber capability and innovation across Australia.

TekSek Cyber Security

TekSek Cyber Security

Preparing you for tomorrow's security threats.

Suridata

Suridata

Suridata’s SaaS Security platform enables organizations to secure the use of SaaS applications.

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

Centroid

Centroid

Centroid is a cloud services and technology company that provides Oracle enterprise workload consulting and managed services across Oracle, Azure, Amazon, Google, and private cloud.

Bastion Networks

Bastion Networks

Bastion are a security-focussed managed solution provider and consultancy. We work with advanced cyber security vendors to produce managed security solutions to protect from online threats.

Turngate

Turngate

Turngate simplify security investigations so you can see employee activities and entitlements in your enterprise in seconds.

PRE Security

PRE Security

PRE Security is leading the transition into the next era of AI cybersecurity with a new model: Predict & Prevent.

Advanced IT

Advanced IT

Reliable managed IT Security & support services that will help you take your business operations to the next level without breaking the bank!

CyberUpgrade

CyberUpgrade

CyberUpgrade is on a mission to empower executives to gain control over their organization’s cybersecurity.

SITE Intelligence Group

SITE Intelligence Group

For over two decades, SITE Intelligence Group has provided customers with critical actionable intelligence and analysis on terrorist and violent extremist online networks.