Covid-19 Impact on Banks, And fixes. The Black Swan Opportunity

Download Now

The Black Swan Opportunity | Get your bank digital ready.

IBSI Special 5 Digital Report Package with Special Offer. Subscribe now

IBS Journal: The iconic monthly FinTech magazine

May 2020 issue out now! Subscribe now

India FinTech Report 2020

Insights into the historical and projected market size of key FinTech categories. Subscribe now

Polish cyberattacks part of larger banking malware campaign

MalwareMalware attacks on Polish banks in recent weeks may be part of a much wider campaign by cybercriminals targeting more than 30 countries.

Researchers from Symantec and BAE Systems have linked the malware used in the Polish attack to other, similar attacks that have taken place since last year in a number of other countries. Similarities between the tools and methodologies used point the finger at cybercriminal group Lazarus.

The group used a “watering hole” attack to inject code into target websites and redirect users to a custom exploit kit. The same code found on the Polish Supervision Authority, the source of the Poland attacks, was discovered on the websites of the Mexican National Banking and Stock Commission and Uruguayan state-owned bank Banco de la Republica Oriental de Uruguay.

“These IP addresses belong to 104 different organizations located in 31 different countries,” researchers from Symantec writes in a blog post. “The vast majority of these organizations are banks, with a small number of telecoms and internet firms also on the list.”

The Lazarus group has been operating since 2009 and mainly targets the US and South Korea. The group is suspected of being involved in the theft of $81 million from the central bank of Bangladesh last year.

[do_widget id=text-34]

Related IBS Intelligence Research

Related Posts