live casino online

In February 2017, seeing previously-undetected malware variants in their systems. The affected banks , including network traffic to foreign locations, encrypted executables, and malware on user workstations. Analysis of the malware revealed that once downloaded to the workstation, it connected to foreign servers and performed network reconnaissance, lateral movement and data exfiltration.

The malware was suspected to have been hosted on the website of the Polish Financial Supervision Authority, the country’s financial regulatory body. Interestingly, researchers also discovered evidence that the code used in involving the National Banking and Stock Commission of Mexico and a bank in Uruguay.

There are indications that the attacks on the Polish bank are that has targeted 104 financial organizations across 31 countries. The perpetrators of the campaign compromise the websites of their target organizations by injecting them with malicious code that redirects visitors to an exploit kit that installs the malware. The exploit kit is a custom one designed to infect visitors—specifically those who are using the IP addresses owned by the target financial organizations.

Initial reports have noted that some tools used by the malware share characteristics with malware used by the cybercrime group known as Lazarus, which is believed to have been behind a string of high profile attacks involving financial organizations, notably .

This current incident shows that financial organizations still face a large number of threats from determined cyber criminals. There is a continuous need for vigilance and proper security measures to prevent any potential attacks, especially ones on a global scale, from succeeding.

live casino online is currently analyzing the malware variants, which we have detected under the following detection names:

• TROJ_RATANKBA.A.
• BKDR_DESTOVER.ADU
• BKDR_DESTOVER.A
• TROJ_CVE20130074.B
• SWF_EXPLOYT.YYRQ
• TSPY64_BANKER.YWNQD
• BKDR64_KLIPODENC.ZHEB-A
• TROJ64_KLIPODLDR.ZHEB-A