Hackers breach details of 9,000 DHS employees, plan to leak 20,000 from FBI

While delivering a speech at the Kaspersky Security Analyst Summit that recently took place in Tenerife, Spain, Sergey Golovanov of Kaspersky Lab and Vladislav Roskov briefed attendees on the advanced persistent threats (APTs) that continue to pose a critical threat to the banking and financial industry.

For those who aren’t aware, an APT is a network attack in which an unauthorized person gains entry to a network and can remain there undetected for a long time.

Take the example of Carbanak. The APT, which is now circulating in an improved form, was first discovered in 2015, when it struck banks in over 30 countries and allowed attackers to loot at least a billion dollars from these financial institutions.

Recently, there have been reports of another APT, called ‘Metel’, that spies on financial institutions, especially the ones with weaker security, through “legitimate software” and “innovative schemes”. It then gains access to transaction records and uses that access to automate the rollback of ATM transactions.

Once the records of these transactions on the PC have been tampered with, it makes sure that the debit card balances shown on the machine remain the same, regardless of how many ATM withdrawals have taken place. Metel is said to have been “driving around cities in Russia at night and emptying ATM machines belonging to a number of banks.” Golovanov added that, through a “magic card number”, this APT has managed to extract millions, while using an accomplice to obliterate the transaction data as it continued with its activities.

According to Roskov, Metel makes use of 30 modules, such as keyloggers, form grabbers, browser injection tools, and many more, to accomplish its aims.

After it has made its way past the system’s security, the group of hackers uses underground penetration testing techniques to find any chinks in the armour, hijack local domains and thus gain entry into the actual systems involved in payment processing.

While it is said to be concentrated mostly in Russia, researchers are of the view that its contagious fangs have spread to greater territories. With the “active phase” of a cyber-attack becoming shorter by the day, attackers nowadays do not need much time to complete their deeds.

Metel isn’t the only one. GCMAN is another such group that uses stealth to penetrate defenses, relying on tools like PuTTY and VNC that are legitimate and also help the group go undetected.

Golovanov continued by saying that Carbanak was just one of the many cyber criminals that “learn fast how to use new techniques”.

So what is the solution to such attacks? Cabanak advised protecting the databases that contain personal information about the owners and their financial transactions.

About Ali Raza

Ali is a freelance journalist with 5 years of experience in web journalism and marketing. He contributes to various online publications. Holding a master's degree, he now combines his passions for writing about internet security and technology. When he is not working, he loves traveling and playing games.
