Threat Management, Incident Response, Network Security, TDR

Cybercriminals increasingly launching APT-style attacks against banks, finds Kaspersky

Share

Kaspersky Lab today revealed that cybercrime organizations are increasingly stealing funds from banks by employing many of same Advanced Persistent Threat tools and tactics that previously were only attributable to nation-states.

In a press release, Kaspersky detailed three separate, highly coordinated schemes — all of which employ different mixtures of malware, legitimate programs and pentesting tools to achieve their goals.

The cybercriminal group Metel has found a way to compromise banking systems in order to surreptitiously “roll back” ATM transactions, as if they never happened. This way, a debit card's balance always appears to stays the same, despite multiple withdrawals.

Another criminal operation, GCMAN, has discovered a way to infiltrate banking systems using only legitimate tools such as Putty, VNC and Meterpreter utilities, in order to transfer money to e-currency services without detection.

The APT known as Carbanak has returned as Carbanak 2.0, targeting not only banks, but also the budgeting and accounting departments of various organizations.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.