
  • N2Doc (4806 posts)

    A rash of invisible, fileless malware is infecting banks around the globe

    Two years ago, researchers at Moscow-based Kaspersky Lab discovered their corporate network was infected with malware that was unlike anything they had ever seen. Virtually all of the malware resided solely in the memory of the compromised computers, a feat that had allowed the infection to remain undetected for six months or more. Kaspersky eventually unearthed evidence that Duqu 2.0, as the never-before-seen malware was dubbed, was derived from Stuxnet, the highly sophisticated computer worm reportedly created by the US and Israel to sabotage Iran’s nuclear program.

     
    Now, fileless malware is going mainstream, as financially motivated criminal hackers mimic their nation-sponsored counterparts. According to research Kaspersky Lab plans to publish Wednesday, networks belonging to at least 140 banks and other enterprises have been infected by malware that relies on the same in-memory design to remain nearly invisible. Because infections are so hard to spot, the actual number is likely much higher. Another trait that makes the infections hard to detect is the use of legitimate and widely used system administrative and security tools—including PowerShell, Metasploit, and Mimikatz—to inject the malware into computer memory.

     
    “What’s interesting here is that these attacks are ongoing globally against banks themselves,” Kaspersky Lab expert Kurt Baumgartner told Ars. “The banks have not been adequately prepared in many cases to deal with this.” He went on to say that people behind the attacks are “pushing money out of the banks from within the banks,” by targeting computers that run automatic teller machines.

    more
    https://arstechnica.com/security/2017/02/a-rash-of-invisible-fileless-malware-is-infecting-banks-around-the-globe/

     

    Stuxnet- the gift that keeps on giving!

    "But nothing ever changes unless there's some pain" - Tears For Fears "Goodnight Song"

7 replies
  • Enthusiast (10266 posts)

    1. What's next? "Oh, sorry, the Russians stole your money."

    "The NSA’s capability at any time could be turned around on the American people, and no American would have any privacy left, such is the capability to monitor everything. There would be no place to hide."  Frank Church "When plunder becomes a way of life for a group of men in society, over the course of time they create for themselves a legal system that authorizes it and a moral code that glorifies it." - Frederic Bastiat, 1848
  • LiberalArkie (4102 posts)

    2. This is bound to happen once banks and businesses started moving

    away from mainframes to server farms and from dedicated point to point circuits to internet.

    • Two way street (2605 posts)

      3. Would going back to, mail me a statement on paper, help me?

      Draft Bernie for a people's party becomes Draft Bernie for a people's single-payer party-Medicare for All.
      • LiberalArkie (4102 posts)

        4. Paper, internet has nothing to do with it.

        It is just that mainframes are more secure, not Intel processors or Microsoft operating systems. Everything that is done now can be done on mainframes.

        • Two way street (2605 posts)

          5. Thanks. I was thinking that the download from my bank to my computer

          is really not secure. And a bank could print a paper statement on a mainframe to send to me through the old-fashioned Post Office, at my request?

          Draft Bernie for a people's party becomes Draft Bernie for a people's single-payer party-Medicare for All.
          • LiberalArkie (4102 posts)

            6. They might, but the HTTPS used is probably pretty secure. Probably more

            secure than having it sit in a mailbox somewhere.

            The big problem is people getting into the bank's system and being able to take money from it and transfer it somewhere else, erasing logs as they go.

            We have no idea if this has happened in the US, but it has happened overseas and no one knows where it went.

  • Blue Meany (419 posts)

    7. Banks used to use private networks like Datapac to transmit data

    and they might have to go back to that. I don’t know what’s available these days in the private network market, but since the whole internet has been privatised, it would not be hard to piece one together. I believe that the military has its own private networks, as well.