Tuesday , January 26 2021

Hackers breach details of 9,000 DHS employees, plan to leak 20,000 from FBI

Speaking at the Kaspersky Security Analyst Summit that recently took place in Tenerife, Spain, Sergey Golovanov of Kaspersky Lab and Vladislav Roskov briefed attendees on the advanced persistent threats (APTs) that continue to pose a critical threat to the banking and financial industry.

For those who aren’t aware, an APT is a network attack in which an unauthorized person gains entry to a network and can remain there undetected for a long time.

Take the example of Carbanak. The APT, which is now circulating in an improved form, was first discovered in 2015, when it struck banks in over 30 countries and allowed attackers to loot at least a billion dollars from these financial institutions.

Recently, there have been reports of another APT, called ‘Metel’, that spies on financial institutions, especially the ones with weaker security, through “legitimate software” and “innovative schemes”. It gains access to transaction records and uses that access to automate the rollback of ATM transactions.

Once the records of these transactions on the PC have been compromised, it makes sure that the debit card balances shown on the machine remain the same, regardless of how many ATM withdrawals have taken place. Metel is said to have been “driving around cities in Russia at night and emptying ATM machines belonging to a number of banks.” Golovanov also added that through a “magic card number”, this APT has managed to extract millions, while using an accomplice to obliterate the transaction data as it continued with its activities.
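As an added illustration (not from the article or from Kaspersky), the rollback pattern described above can be caught by reconciling the ATM network's dispense journal against the issuer's ledger. All record layouts, names and values below are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data; field names and values are assumptions, not a real schema.
# ATM-side journal from the acquiring network: was cash physically dispensed?
ATM_JOURNAL = [
    {"txn_id": "T1", "card": "CARD-A", "amount": 500, "dispensed": True},
    {"txn_id": "T2", "card": "CARD-A", "amount": 500, "dispensed": True},
    {"txn_id": "T3", "card": "CARD-A", "amount": 300, "dispensed": True},
    {"txn_id": "T4", "card": "CARD-B", "amount": 200, "dispensed": False},  # ATM fault
    {"txn_id": "T5", "card": "CARD-B", "amount": 100, "dispensed": True},
    {"txn_id": "T6", "card": "CARD-C", "amount": 400, "dispensed": True},
]
# Issuer-side ledger events: (txn_id, event type, amount).
LEDGER = [
    ("T1", "debit", 500), ("T1", "reversal", 500),
    ("T2", "debit", 500), ("T2", "reversal", 500),
    ("T3", "debit", 300), ("T3", "reversal", 300),
    ("T4", "debit", 200), ("T4", "reversal", 200),  # legitimate: no cash left the ATM
    ("T5", "debit", 100),
    ("T6", "debit", 400), ("T6", "reversal", 400),
]

def net_debits(ledger):
    """Net amount the ledger still charges per transaction (debits minus reversals)."""
    net = defaultdict(int)
    for txn_id, kind, amount in ledger:
        net[txn_id] += amount if kind == "debit" else -amount
    return net

def rollback_exposure(atm_journal, ledger, min_hits=2):
    """Per card: cash dispensed that the ledger no longer accounts for.

    A card is reported when at least `min_hits` withdrawals with confirmed
    cash dispense were rolled back on the ledger side.
    """
    net = net_debits(ledger)
    hits = defaultdict(lambda: {"count": 0, "uncharged": 0})
    for row in atm_journal:
        shortfall = row["amount"] - net.get(row["txn_id"], 0)
        if row["dispensed"] and shortfall > 0:
            hits[row["card"]]["count"] += 1
            hits[row["card"]]["uncharged"] += shortfall
    return {card: h for card, h in hits.items() if h["count"] >= min_hits}

if __name__ == "__main__":
    for card, h in rollback_exposure(ATM_JOURNAL, LEDGER).items():
        print(card, h)
```

The reversal on T4 is not counted because the ATM journal shows no cash was dispensed, which is the normal reason for a reversal.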

According to Roskov, Metel makes use of 30 modules, such as keyloggers, form grabbers, browser injection tools, and many more, to accomplish its aims.

After it has made its way past the system’s security, the group of hackers uses underground penetration testing techniques to find any chinks in the armour, hijack local domains and thus gain entry into the actual systems that are used in payment processing.

While it is said to be concentrated mostly in Russia, researchers are of the view that it has spread to wider territories. With the “active phase” of a cyber-attack becoming shorter day by day, attackers nowadays don’t need much time to complete their work.

Metel isn’t the only one. GCMAN is another such group that uses stealth to penetrate defenses, using tools like PuTTY and VNC that not only help it go undetected but are legitimate as well.

Golovanov continued by saying that Carbanak was just one of the many cyber criminals that “learn fast how to use new techniques”.

So what’s the solution to such attacks? Carbanak advised protecting the databases that contain personal information about the owners and their financial transactions.

About Ali Raza

Ali Raza is a freelance journalist with extensive experience in marketing and management. He holds a master's degree and actively writes about cybersecurity, cryptocurrencies, and technology in general. Raza is also the co-founder of SpyAdvice.com, a site dedicated to educating people on online privacy and spying.
@AliR1272
