MOSCOW (Combined Sources) – Anti-virus software maker Kaspersky Lab has detected a target attack on financial organizations of Russia, Armenia, and Malaysia, the company said on Tuesday in a statement.
“The first wave of attacks started in July 2017, and new ones are taking place now. The attack was named Silence for its stealthiness and latency,” Kaspersky Lab said.
Networks are infected via target phishing letters with enclosed malware in the .chm format, according to Kaspersky Lab. The letter’s text looks like a standard enquiry to open an account. When opened, the virus penetrates corporate networks, and perpetrators can inspect bank infrastructure and trace its employees, among others. Then hackers steal or remit money.
The attackers are capable of monitoring everything a victim does in order to provide them with all the information they need to sneak around bank networks and make off with stolen funds.
“Attacks on banks and financial organizations are one of the most effective ways of enrichment for cybercriminals. The fact that the Silence attack has already been registered in several countries proves growing activity of the group,” Kaspersky Lab’s senior antivirus expert Sergei Lozhkin said.
Lozhkin added that perpetrators use legitimate administrator tools to stay unnoticed.