
Hacking Group Targeting African Banks


Security researchers from Kaspersky have reported on thousands of notifications of attacks on major banks in the sub-Saharan Africa region. The malware in the attacks has been linked to Silence Group – a hacking organisation which has targeted banks and stolen millions in the past.


The group, which is reportedly one of the most active Advanced Persistent Threat (APT) actors, begins these attacks with a social engineering scheme. Attackers send a phishing email that contains malware to a bank employee. The malware gets inside the bank’s security perimeter and gathers information on the victim organisation. To do this the malware “captures screenshots and video recordings of the day to day activity on the infected device.”

Once attackers are ready to take action, they activate the capabilities of the malware, which can include cash withdrawals via ATM.


Kaspersky researchers say the attacks began in the first week of 2020 and indicate that the group is about to activate the malware and cash out the funds. The researchers didn’t disclose which banks are under threat, but one would assume that, if they know, they would have reached out to the banks to warn them.

“Silence group has been quite productive in the past years, as they live up to their name; their operations require an extensive period of silent monitoring, with rapid and coordinated thefts. We noticed a growing interest of this actor group in banking organisations in 2017 and since that time the group would constantly develop, expanding to new regions and updating their social engineering scheme,” said Sergey Golovanov, security researcher at Kaspersky. “We urge all banks to stay vigilant, as apart from the large sums Silence group also steal sensitive information while monitoring the bank’s activity as they video record screen activity. This is a serious privacy abuse that might cost more than money can buy.”

The malware used in the operation is identified as HEUR:Trojan.Win32.Generic, PDM:Exploit.Win32.Generic, and Kaspersky says financial institutions can guard against it by applying the following measures:

  • Introduce basic security awareness training for all employees so that they can better distinguish phishing attempts.
  • Monitor activity in enterprise information systems with an information security operations centre.
  • Use security solutions with dedicated functionality aimed at detecting and blocking phishing attempts.
  • Provide security teams with access to up to date, to keep pace with the latest tactics and tools used by cybercriminals.
  • Prepare an incident response plan to be ready for potential incidents in the network environment.


Published by
Staff Writer
