Banks Lose Tens Of Millions Of Dollars In Hollywood-style Hacks

Cyber-criminal gangs are believed to have stolen tens of millions of dollars from at least eight banks in Eastern Europe using tactics usually seen only in Hollywood movies.

These "hacks" consisted of cyber-criminals entering bank offices to inspect and then leave malicious devices connected to the bank's network.

Russian cybersecurity firm Kaspersky Lab, which was called to investigate some of these mysterious cyber-heists, says it found three types of devices at central or regional offices at the eight banks it reviewed.

These included cheap laptops, Raspberry Pi boards, or malicious USB thumb drives known as Bash Bunnies.

Kaspersky said hackers left these devices connected to a bank network or computer, and then connected to the rogue device from a remote location using a GPRS, 3G, or LTE modem.

Hackers used this access to scan local networks for publicly shared folders, but also for web servers or any other computer with open access.

At the last stage of their attacks, attackers left malware on the bank's network, which they later used to orchestrate cyber-heists during which they stole funds from the banks' accounts.

Kaspersky experts said these hacks, which the company has been tracking under the codename of "DarkVishnya," have happened throughout 2017 and 2018, but declined to name the breached banks, due to privacy clauses in incident response contracts.

"Even in companies where security issues are taken seriously, planting such a device is not impossible," said Nikolay Pankov of Kaskerpsky Lab. "Couriers, job seekers, and representatives of clients and partners are commonly allowed into offices, so malefactors can try to impersonate any of them."

While a laptop would have been spotted more easily, the other two devices, the Raspberry Pi and Bash Bunnies, are small and easy to hide. They only require a USB connection and were easy to sneak between a computer's cables or under desks.

ZDNet:

You Might Also Read:

Financial Sector Breaches Soar Despite Heavy Security Spending

« IoT Cybercrime Hotspot In Canada
NCSC Aims To Inspire Young Female Code-Breakers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

F-Secure

F-Secure

F-Secure defends enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks.

SI-CERT

SI-CERT

SI-CERT (Slovenian Computer Emergency Response Team) is the national cyber scurity incident response center for Slovenia.

National Cyber League (NCL)

National Cyber League (NCL)

The NCL provides a virtual training ground for participants to develop, practice, and validate their cybersecurity knowledge and skills.

ZyberSafe

ZyberSafe

ZyberSafe is an innovative Danish company specialized within building hardware encryption solutions.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

VivoSecurity

VivoSecurity

VivoSecurity is a pioneer in cyber risk quantification based on data science. Our products and services help organizations achieve optimal information security and GRC programs.

th4ts3cur1ty.company

th4ts3cur1ty.company

th4ts3cur1ty.company specialize in delivering intelligence lead adversary emulation purple teaming & the bespoke building of Security Operation Centers.

YL Ventures

YL Ventures

YL Ventures funds and supports brilliant Israeli tech entrepreneurs from seed to lead.

Siemens

Siemens

Siemens Industrial Security Services provide solutions for cybersecurity in automation environments based on the recommendations of the international standard IEC 62443.

BastionZero

BastionZero

BastionZero is leveraging cryptography to reimagine the tools used to manage remote access to servers, containers, clusters, applications and databases across cloud and on-prem environments.

Dataminr

Dataminr

Dataminr Pulse helps organizations strengthen business resilience with AI-powered, real-time risk and event discovery—and the integrated tools to manage responses.

Mindgard

Mindgard

The Mindgard Security Copilot platform secures your Artificial Intelligence, GenAI and LLMs.

Trovent Security

Trovent Security

Trovent was founded with a clear goal: to support medium-sized companies in significantly increasing their IT security level.

Teal Technology Consulting

Teal Technology Consulting

TEAL Technology Consulting is your trusted advisor for all your information security needs.

Alpha Echo

Alpha Echo

Specialising in security advice and enterprise-wide Cyberworthiness, Alpha Echo helps Australia deliver on cyber outcomes at a military grade level.

Trium Cyber

Trium Cyber

Trium Cyber - Expert Cyber Underwriting and Claims Management. Based in the US and UK. Backed by Lloyd’s of London.