Cobalt cyber heist group mounts new campaign

Cobalt cyber heist group mounts new campaign

1920 1080 Pro Web Design

Researchers at security firm Netscout have discovered a financially motivated cyber attack campaign that could be linked to the Cobalt Group, which is believed to be responsible for cyber heists costing millions.  

Similarities in phishing emails used in the new ongoing campaign targeting financial institutions in Eastern Europe and Russia led researchers to suspect a link to the Cobalt group, which has targeted mainly financial organisations in the past, often by using automatic teller machine (ATM) malware.

The latest campaign, discovered on 13 August, is using spear phishing attacks to steal legitimate credentials to bypass security defences and gain entry to banking IT systems. The emails appear to come from a financial supplier or partner, increasing the likelihood of infection.
One phishing email analysed by the researchers contained two malicious links. One is a weaponised Word document that contains obfuscated VBA [Visual Basic for Applications] scripts, and the other is a binary (executable file) with a .jpg image file extension.
Making use of separate infection points in one email with two separate command and control servers is unusual and could be aimed at increasing the likelihood of success, the researchers said.
The binaries analysed contained two unique command and control servers, which Netscout researchers believe are owned and operated by the Cobalt hacking group.
They think the cyber attack group will continue targeting financial organisations in Eastern Europe and Russia based on the attack methods in this campaign.
Banking and other financial institutions are advised to ensure that employees are trained to spot phishing emails.

These and other organisations should also ensure they have the capability to inspect emails closely to identify fake domains that might contain malicious attachments or links.
Cobalt Group’s operations appear to be continuing despite the arrest earlier this year of the suspected mastermind behind the bank heists by the Cobalt and Carbanak groups.
The wider criminal operation uses both Cabanak and Cobalt malware and is linked to the theft of up to $1bn from financial institutions in more than 40 countries.
According to Europol, the Cobalt malware enables criminals to steal up to €10m in each heist.

Source link

How Can We
Help You?

Performance and Simplicity exists side by side.

Contact Pro Web Design and tell us about your next project and we will make sure it is successful. Let us do what we do best.

1920 1080 Pro Web Design

Lenovo’s ThinkSmart Hub 700 bring Dolby audio to your conference room

Hot on the heels of its recently announced ThinkSmark Hub 500, Lenovo hopes to elevate the conferencing experience…

read more
1920 1080 Pro Web Design

A new strategic relationship between Atlassian and InVision

Digital experiences are transforming the way that we live and work. Where we used to drive to a…

read more

Creatives – Design, Marketing, Support

Working Hours: 08:00 – 17:00

Email: contact[at]

Phone: +27 76 260 2730

We Love Your Feedback