On the banks of Eastern Europe collapsed a new form of cyber attack called DarkVishnya. The threat was revealed by Kaspersky Lab experts. Only for 2017-2018 from the “Dark cherry” has suffered about eight banks that suffered losses in the amount of several tens of millions of dollars.
As the newspaper notes Securitylab, each time the attackers left at the office of the financial institution computer or a special device with malware, and then physically connected to the corporate network of the company. Usually, the perpetrators used laptops, Raspberry Pi computer or the Bunny Bash tool designed to implement USB attacks. The device can also be optionally equipped with a GPRS-, 3G – or LTE-modem to remotely penetrate the corporate network of the organization.
Stolen information the hackers used to connect to the servers and work stations designed for payments. Next, using conventional software remote access withdrawal.
The entry point into the corporate network operations DarkVishnya for a long time could not find, because she could be in any of the offices located in different regions and even countries. The device, hidden by cybercriminals, as it was impossible to find in the remote mode. The problem of detecting hackers was complicated by the fact that the attacks used a standard utility.
Previously, the hackers got the data of half the guests of the famous hotel chain. In Switzerland arrested two Russians, who may be involved in the hacker attack on WADA. Cybercriminals stole tens of millions of the Japanese cryptocurrency exchange.