On Sunday 12 Feb, security firm Symantec released an analysis of a new wave of attacks that has been underway since at least October 2016 and came to light when a bank in Poland discovered previously unknown malware running on a number of its computers.

The bank then shared indicators of compromise (IOCs) with other institutions and a number of other institutions confirmed that they too had been compromised.

These watering hole attacks attempted to infect more than 100 organizations in 31 different countries.

Symantec has blocked attempts to infect customers in Poland, Mexico and Uruguay by the same exploit kit that infected the Polish banks. Since October, 14 attacks against computers in Mexico were blocked, 11 against computers in Uruguay, and two against computers in Poland.

Preliminary investigation suggested that the starting point for the Polish infection could have been located on the webserver of Polish financial sector regulatory body, Polish Financial Supervision Authority.  Ilia Kolochenko, CEO at High-Tech Bridge commented below.

Ilia Kolochenko, CEO at High-Tech Bridge:

 Ilia Kolochenko“We should expect that cybercriminals will find more creative and reliable ways to compromise their victims. Trustworthy websites, such as governmental ones, represent great value for cybercriminals, even if they don’t host any sensitive or confidential data.

In the past, hackers used one-off or garbage websites to host malware, but as corporate users become more educated and vigilant, attackers need to find more reliable avenues to deliver malware and enter corporate networks.

That’s why Gartner, and other independent research companies, continuously say that the risk of corporate web applications is very high and seriously underestimated. Spear phishing and watering hole attacks against high-profile websites will significant grow in the near future.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.