A study conducted by cybersecurity firm Kaspersky Lab has found that at least 8 European banks have fallen prey to a cyber attack that hackers launched physically to siphon tens of millions of pounds.
Kaspersky researchers say that the attack was launched through physical devices such as netbooks, Raspberry Pi devices and Bash Bunnies planted inside the premises of the respective banks, all used for carrying out USB attacks.
Security analysts say that the devices were left plugged in long ago and have now been used by attackers to control the transaction servers via GPRS, 3G and LTE network services.
A senior researcher said that the clandestine devices were linked to the PCs operating in the meeting rooms as they are often connected to multiple communication modules transferring data to different servers in order to facilitate presentations.
Naming the attack ‘DarkVishnya’, Nikolay Pankov, a senior researcher at Kaspersky, said that these attacks are launched mainly on big companies.
Usually, one device is used to gain access to a target company’s network so that attackers can access public shared folders, web servers, and other open files. The objective is to harvest information about the servers and workstations used to make payments, and also to use the infected devices for brute forcing and sniffing login details.
After succeeding in the first stage, the attackers shift to the second stage, where malicious programs are launched on the compromised workstations, allowing the attackers to steal funds from the bank accounts.
The motive behind such attacks is ‘bigger is better’, and it needs a lot of pre-planning, execution and thought couture to launch such attacks, said Mr. Pankov.
Kaspersky has withheld the names of the affected European banks for obvious reasons.
Note 1- Raspberry Pi is a single-board computer developed by the Raspberry Pi Foundation in the United Kingdom to teach basic computer science skills to students in educational institutes. The device is usually plugged into a USB port of another computer and can be used for firmware installations, Ethernet device operations and to carry out espionage. By March 2018, over 19 million devices had been sold globally.
Note 2- Bash Bunnies are USB devices used for intrusion testing, where code execution can be carried out on machines connected to the said devices via a USB interface.
Note 3- A netbook is a lightweight laptop that can be used to accomplish basic computing tasks such as word processing, presentations, access to the internet, streaming videos, multimedia playback, and photo management.