#CyberFLASH: Russian cyber group seen preparing to attack banks


A security firm is warning that a group of Russian hackers known for targeting military, government and media organizations is now preparing to attack banks in the U.S. and elsewhere.

The group’s preparations, which have included writing new malware, registering domain names similar to those of intended targets, and setting up command-and-control servers, were discovered by analysts from security firm Root9B.

The group has been active since at least 2007 and is known by various names including APT28 and Pawn Storm. Several security vendors believe it operates out of Russia and has possible ties to that country’s intelligence agencies.

The group’s primary malware tool is a backdoor program called Sednit or Sofacy that it delivers to victims through spear-phishing emails or drive-by downloads launched from compromised websites.

The Root9B analysts came across a phishing domain at the end of April that was similar to that of a Middle Eastern financial institution, according to a report published Tuesday. When they dug deeper they uncovered new Sofacy malware samples and servers and domains that were being set up by the group for an upcoming operation.

Based on the information gathered so far, Root9B believes the group’s planned targets include Commercial Bank International in the UAE, Bank of America, TD Canada Trust, the United Nations Children’s Fund (UNICEF), United Bank for Africa, Regions Bank, and possibly Commerzbank.


Attack on TD website likely a prank, expert says


The cyber attack that bogged down Toronto-Dominion Bank’s website this week was most likely a prank to attract attention, rather than a threat to sensitive financial data, says an expert in computer hacking.

Iain Kenny, a partner at MNP Investigative and Forensic services in Calgary who studies hacking efforts against companies, said the type of attack that stalled TD’s website Thursday is becoming increasingly easy for low-level hackers to execute, but is more of a nuisance for companies than a risk to their security.


TD Canada Trust hit by cyberattack


TD Canada Trust says it was hit by a “targeted” cyber attack, forcing its banking website and mobile banking service to go offline for several hours.

The bank says the denial-of-service attack occurred mid-morning and prevented its customers from logging in to its website and mobile site.

A denial-of-service attack occurs when hackers flood a website with a large amount of fake traffic, which in turn prevents others from accessing it.


© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.