View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 1, 2017updated 06 Jul 2022 8:59am

Banks stunned into Silence by deadly new cyberattack

The attack method chosen by Silence involves spying on the victim for a long period of time, gathering intel to find out the best time to strike.

By Tom Ball

A deadly new hacking group called Silence that preys on banks and other financial organisations has been identified launching attacks in countries including Russia and Malaysia.

Spearfishing emails are the preferred method of gaining entry for the group, and once access is gained the hackers remain inside the breached organisation for a long time.

During this period of time the hackers amass Intel to work out when would be most profitable time to strike, closely monitoring separate bank networks.

Due to this method of attack, the Silence Trojan is considered by Kaspersky Lab, identifier of the threat, to join previous cyber theft operations including GCMAN, Carbanak and Metel as being among the most complex and powerful of its kind.

While spearfishing may not be the most sophisticated form of attack, Kaspersky notes that the malicious attachments are. One click will spark a chain reaction of downloads that will trigger a dropper that seals the fate of the victim.

The attack is then able to communicate with the server, ultimately taking control and unleashing malicious payloads upon it.

Once inside the attackers can actually put a real-time video stream in place for spying on and watching the day to day activity of the victim, with screenshots easily being taken.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?
– CISOs failing with cybersecurity – here’s why
– Microsoft eyes up AI chips for next gen HoloLens
– TransferWise set to gallop deeper into unicorn territory

Sergey Lozhkin, security expert at Kaspersky Lab, said: “The Silence Trojan is a fresh example of cybercriminals shifting from attacks on users to direct attacks on banks. We have seen this trend growing recently, as more and more slick and professional APT-style cyber-robberies emerge and succeed. The most worrying thing here is that due to their in-the-shadow approach, these attacks may succeed regardless of the peculiarities of each bank’s security architecture.”

Steps to remain protected from this threat include having a specialised security solution that is a capable of detecting anomalies, eliminating security gaps, and implementing email processing rules that are tuned to defending against phishing, malicious attachments and spam.

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU