Proofpoint
recently detected an enormous cyber-attack in which the APT gang Carbanak from
Russia is involved while returning to business.
The
security company finds the gang attacking executive officers within the
national economies' financial sectors in Europe, USA and Middle East, of which
the Middle East accounts for the maximum instances. The attack does not just
target financial institutions but firms in the media too along with somewhat
unusual targets such as the fire safety, heating and air conditioning
companies.
The gang
reportedly became inactive during February 2015 when security researchers
thwarted their operations; however, in the autumn of the same year and
subsequently during February 2016, it made a comeback with fresh assaults;
however, this time targeting multinational companies' financial departments and
the institutions of finance.
These
targeted assaults described as spear phishing attacks occurred directly against
high-profile executive officers within banks situated inside eighteen
countries, with the majority striking UAE, Kuwait, Oman, USA and Australia.
Proofpoint
researchers observed that the gang moved their attack beyond institutions of
finances to apparently unconnected targets within HVAC, fire and safety. They
further said that among others who could provide attackers an entry point were
suppliers and vendors.
Proofpoint
believes the current attacks are indications of the notorious $1bn heist by
Carbanak of 2015 about to make a repeat. According to the company's research,
computations show that last year's assault covered 3-4 months since start of
contamination to theft that brings up the question about if the current attack
is preparation for the next such high value heist. Apparently Proofpoint is
seeing the initial phases of certain assault leveraging fresh exploits, RATs
and malware-laced e-mail attachments for targeting fresh entities beyond the
Russian domain they normally seek. Scmagazineuk.com posted this, March
22, 2016.
Proofpoint
detects the latest threat to be a RAT (remote access Trojan) namely Spy.Sekur
employed for creating backdoors on contaminated desktops. Alongside Spy.Sekur,
Carbanak employed other increasingly infamous RATs as well, say security
researchers. And as spear-phishing scams normally make up the early phase of
most Internet offenses, Proofpoint has apparently seized Carbanak performing
theft directly during one fresh surge of assaults.
Proofpoint
recently detected an enormous cyber-attack in which the APT gang
Carbanak from Russia is involved while returning to business.
The security company finds the gang attacking executive officers within the national economies' financial sectors in Europe, USA and Middle East, of which the Middle East accounts for the maximum instances. The attack does not just target financial institutions but firms in the media too along with somewhat unusual targets such as the fire safety, heating and air conditioning companies.
The gang reportedly became inactive during February 2015 when security researchers thwarted their operations; however, in the autumn of the same year and subsequently during February 2016, it made a comeback with fresh assaults; however, this time targeting multinational companies' financial departments and the institutions of finance.
These targeted assaults described as spear phishing attacks occurred directly against high-profile executive officers within banks situated inside eighteen countries, with the majority striking UAE, Kuwait, Oman, USA and Australia.
Proofpoint researchers observed that the gang moved their attack beyond institutions of finances to apparently unconnected targets within HVAC, fire and safety. They further said that among others who could provide attackers an entry point were suppliers and vendors.
Proofpoint believes the current attacks are indications of the notorious $1bn heist by Carbanak of 2015 about to make a repeat. According to the company's research, computations show that last year's assault covered 3-4 months since start of contamination to theft that brings up the question about if the current attack is preparation for the next such high value heist. Apparently Proofpoint is seeing the initial phases of certain assault leveraging fresh exploits, RATs and malware-laced e-mail attachments for targeting fresh entities beyond the Russian domain they normally seek. Scmagazineuk.com posted this, March 22, 2016.
Proofpoint detects the latest threat to be a RAT (remote access Trojan) namely Spy.Sekur employed for creating backdoors on contaminated desktops. Alongside Spy.Sekur, Carbanak employed other increasingly infamous RATs as well, say security researchers. And as spear-phishing scams normally make up the early phase of most Internet offenses, Proofpoint has apparently seized Carbanak performing theft directly during one fresh surge of assaults. - See more at: http://www.spamfighter.com/News-20182-Carbanak-Gang-Reappears-with-Enormous-Cyber-attack.htm#sthash.9hGv1hWu.dpuf
The security company finds the gang attacking executive officers within the national economies' financial sectors in Europe, USA and Middle East, of which the Middle East accounts for the maximum instances. The attack does not just target financial institutions but firms in the media too along with somewhat unusual targets such as the fire safety, heating and air conditioning companies.
The gang reportedly became inactive during February 2015 when security researchers thwarted their operations; however, in the autumn of the same year and subsequently during February 2016, it made a comeback with fresh assaults; however, this time targeting multinational companies' financial departments and the institutions of finance.
These targeted assaults described as spear phishing attacks occurred directly against high-profile executive officers within banks situated inside eighteen countries, with the majority striking UAE, Kuwait, Oman, USA and Australia.
Proofpoint researchers observed that the gang moved their attack beyond institutions of finances to apparently unconnected targets within HVAC, fire and safety. They further said that among others who could provide attackers an entry point were suppliers and vendors.
Proofpoint believes the current attacks are indications of the notorious $1bn heist by Carbanak of 2015 about to make a repeat. According to the company's research, computations show that last year's assault covered 3-4 months since start of contamination to theft that brings up the question about if the current attack is preparation for the next such high value heist. Apparently Proofpoint is seeing the initial phases of certain assault leveraging fresh exploits, RATs and malware-laced e-mail attachments for targeting fresh entities beyond the Russian domain they normally seek. Scmagazineuk.com posted this, March 22, 2016.
Proofpoint detects the latest threat to be a RAT (remote access Trojan) namely Spy.Sekur employed for creating backdoors on contaminated desktops. Alongside Spy.Sekur, Carbanak employed other increasingly infamous RATs as well, say security researchers. And as spear-phishing scams normally make up the early phase of most Internet offenses, Proofpoint has apparently seized Carbanak performing theft directly during one fresh surge of assaults. - See more at: http://www.spamfighter.com/News-20182-Carbanak-Gang-Reappears-with-Enormous-Cyber-attack.htm#sthash.9hGv1hWu.dpuf