Hackers Sent Phishing Emails on Behalf of Kaspersky Lab to Banks - Group-IB

CC0 / / Hacked
Hacked - Sputnik International
MOSCOW (Sputnik) - Group-IB, which specializes in preventing and investigating cybercrimes, announced Tuesday that it had recorded two phishing attacks by the Cobalt hacking group, which sent out scam emails to banks in Russia and other countries on behalf of Russian cybersecurity firm Kaspersky Lab and the European Central Bank.

"Despite the arrest of the operator of the criminal group, Cobalt’s most recent targeted attack activity was monitored by Group-IB on May 23 and 28, 2018. These attacks mainly focused on banks in Russia and CIS countries, however, based on the content of the spear phishing email, it is likely that western financial organizations were also targeted," the Group-IB said in a press release.

Group-IB experts indicated that the hackers' attacks were becoming increasingly inventive and sophisticated.

"For example, in the May 23 attack, the text in English is stylized as a 'legal complaint', the fake website kaspersky-corporate.com also has a high level of quality, which is not typical of Cobalt," the group indicated.

Thus, the email allegedly set on behalf of Kaspersky Lab informed a user in English that the activity on their computer violated the law and offered them to download a complaint letter attached to the email, which contained a computer virus.

READ MORE: US Gov't Agencies Fail to Implement Anti-Hacking Security Measures

In the second attack, which took place on May 28, Cobalt sent emails with an attached virus-infected document describing financial risks to financial institutions on behalf of the European Central Bank.

Hacking - Sputnik International
UK Hacker Jailed With Over $600 Million Worth of Bitcoin Seized by Police
The term "phishing" refers to the creation of fraudulent pages of well-known payment services and other websites in order to steal money. The scheme commonly involves scam emails being sent out with the aim of acquiring the personal information of users. Such emails are usually fake notifications from banks, providers or payment systems requiring the urgent transfer or renewal of users' personal data.

READ MORE: Fancy Bears Strike Again: Hackers Expose Doping Use in Sweden

The Cobalt hacker group became known for its attacks on a number of banks in the CIS counties and Eastern Europe in 2016. The group always uses phishing emails in its fraud schemes, which enable it to gain access to banks' internal networks, in particular, to ATMs management system. In February, Deputy Governor of the Russian Central Bank Dmitry Skobelkin announced that the group has carried out 11 successful attacks on the Russian banks in 2017.

The hacker group's leader was arrested in March in Spain, but the attacks nevertheless continued.

To participate in the discussion
log in or register
Заголовок открываемого материала