Mystery Malware Infects and Puzzles Polish Banks
According to Polish media reports of the week before the 6th, IT security groups of several Polish banks were extremely occupied hunting their computers and servers for one special kind of malware following many banks that discovered the infection on their systems.
And while the ultimate objective of the malware isn't clear, yet within a minimum of one instance, the malware infected one particular bank's PC for exfiltrating data from it onto one external server. It wasn't possible to immediately say what was the stolen data's nature as the data was encrypted, thus reported Zaufana Trzecia Strona an IT news blog of Poland on February 3, 2017.
Things turned worse when experts became sure that the possible contamination occurred on the portal belonging to Polish Financial Supervision Authority, name of one government watchdog looking over Poland's banking sector. BadCyber a cyber-security firm running independently detected clue that there was malevolent JavaScript code on the agency's portal from October until recently, the time the whole portal was disconnected from the Internet. PCWorld posted this February 7, 2017.
According to researchers at BadCyber, once the JavaScript code gets downloaded as well as run on a PC, it links up with remote servers while gets utilized for doing network reconnaissance, data exfiltration as also lateral movement.
The malicious program resembles other crime-ware programs, however, hasn't ever got documented earlier. As per BadCyber, there are several phases as also obfuscation layers to it and the majority of anti-virus software can't detect it. Its ultimate payload shows the functionality of RAT (Remote Access Trojan).
Apparently thought as the malware's source, the www.knf.gov.pl online site presently exhibits one temporary page notifying Web-surfers visiting it that the website can't be accessed. There's also little suggestion about funds being filched alternatively customers' accounts being endangered.
Cyber-criminal gangs exist which are specialists in bank hacking operations. After they hack into the networks, they wait months' long periods prior to beginning stealing money. They spend the waiting time to minutely observe as well as collect information regarding a bank's internal procedures, processes of their money transfers, as well as about main employees.
ยป SPAMfighter News - 2/13/2017