最有看点的互联网金融门户

最有看点的互联网金融门户
其他国际资讯

多家俄罗斯银行遭受网络攻击 损失近2570万美元

过去六个月内,多家俄罗斯银行遭到新型恶意软件攻击,损失累计已达2570万美元。该恶意软件可侵入IT网络,并且仅有一套完整的设施可将其消除。

Buhtrap组织伪装成俄罗斯中央银行沟通人员,进行网络钓鱼,对俄罗斯银行施以致命攻击。

Group IB一直在追踪恶意软件,称Buhtrap是第一个使用网络蠕虫攻击银行的整套设施的黑客组织,极大地增加了消除网络上恶意功能的难度。

Group IB公司表示:“这样一来,银行不得不关闭整个系统,导致不能即时服务客户,进而产生额外的损失。”

自从二月在暗网论坛上公布了其源代码之后,该网络蠕虫现在已经大量出现在各开发工具包内。迄今为止,这款网络蠕虫已经成功植入一些俄罗斯银行,窃取金额多达2570万美元。

Group IB 表示,俄罗斯银行过于依赖基础的杀毒安防措施,导致他们成为网络犯罪团伙的首要攻击目标。

此外,Group IB还指出:“Bultrap组织针对俄罗斯的攻击行为已经导致受害银行直接损失数以百万计的卢布,这类攻击已经不再寻常。所有的攻击完全可以很容易就被阻止,有效保护工具的年均花费比一次蓄意攻击的平均直接损失少28倍还多。”

Russian banks have lost $25.7 million in the past six months to a new form of malware that infects IT networks and can only be eradicated by a complete infrastructure shut-down.

The "Buhtrap" group delivers its deadly payload from a simple phishing scam that masquerades as a communication from the Central Bank of Russia.

Group IB, which has been tracking the malware, says Buhtrap is the first hacker group using a network worm to infect the overall bank infrastructure, significantly increases the difficulty of removing all malicious functions from the network.

"As a result, banks have to shut down the whole infrastructure which provokes delay in servicing customers and additional losses," says the company.

The worm, which has looted infected banks to the tune of $25.7 million in 13 successful attacks, is now also available from off-the-shelf exploit kits following the publication of the source code on dark Web forums in February.

Group IB says Russian banks' reliance on basic anti-virus security precautions, make them sitting ducks for criminal cyber gangs.

"This group’s activity has led to the current situation where attacks against Russian banks causing direct losses in the hundreds of millions of rubles are no longer taken as something unusual," says the firm. "Absolutely all incidents could have been easily prevented. Annual expenditures for effective prevention tools are 28 times lower than the average direct loss from one targeted attack."


用微信扫描可以分享至好友和朋友圈

扫描二维码或搜索微信号“iweiyangx”
关注未央网官方微信公众号,获取互联网金融领域前沿资讯。

发表评论

发表评论

您的评论提交后会进行审核,审核通过的留言会展示在下方留言区域,请耐心等待。

评论

您的个人信息不会被公开,请放心填写! 标记为的是必填项

取消

唐 文未央青年

36
总文章数

北京理工大学英语笔译硕士在读,喜欢翻译工作,坚信任何一次翻...

版权所有 © 清华大学五道口金融学院互联网金融实验室 | 京ICP备17044750号-1