News

‘Criminals installed Raspberry Pis in banks for network attack’

By admin
Spread the love

Criminals have attacked at least eight banks in Eastern Europe by covertly installing hardware in branches to gain access to the networks. They would have stolen tens of millions of euros.

Kaspersky Labs investigated the ICT attacks that took place in 2017 and 2018 and has named the attacks by the group DarkVishnya. The criminals managed to place hardware in the headquarters or regional offices of at least eight banks. They gained access by posing as a courier or job applicant, after which they placed hardware in inconspicuous places in, for example, meeting rooms.

These included cheap laptops, Raspberry Pis and Bash Bunnies. The latter are USB sticks that contain tools to carry out attacks from a distance. Within the bank networks, the devices posed as an unknown computer, external USB drive or keyboard.

The attackers then connected to the devices via lte to scan the banks’ local networks. For example, they tried to get logins and obtain details about servers and workstations that were used for payments. According to Kaspersky, they used shell code with local tcp servers to bypass firewalls. At the last stage, they tried to get permanent remote access to systems, using msfvenom.

Tables with built-in connections can be used by criminals for hidden implants

You might also like
News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Logitech acquires stream controller maker Loupedeck

News

Igor’s Lab shares specs LGA1851 socket Arrow Lake: PCIe 5.0 SSDs and more pins

News

Rumor: First Macs with M3 sockets coming in October

News

PC version Ratchet & Clank: Rift Apart required by DirectStorage 1.2 no SSD

Exit mobile version