
Cybercrime Gang Launches New Campaign Against Banks

Cobalt Group (aka TEMP.Metastrike), active since at least late 2016, has been suspected in attacks across dozens of countries. The group primarily targets financial organizations, often with the use of ATM malware. Researchers also believe the group is responsible for a series of attacks on the SWIFT banking system which cost the impacted entities millions in damages.

On Aug. 13, Arbor’s Security Engineering & Response Team observed the financially motivated hacking group actively pushing a new campaign. We believe the targeted institutions for the ongoing campaign are located in Eastern Europe and Russia. The active campaigns utilize spear phishing messages to gain entry. The emails appear to come from a financial vendor or partner, increasing the likelihood of infection. The group uses tools that can bypass Windows defenses.

ASERT recently uncovered two different malware samples which we believe connect the active campaigns to Cobalt Group. The first sample, a JavaScript backdoor, shares functionality with previous versions of a similar backdoor. The second, a binary known as CobInt/COOLPANTS, is a reconnaissance backdoor, as noted by security researchers.

Read more at NETSCOUT

Homeland Security Today (http://www.hstoday.us)