Hackers Use Compromised Banks As Starting Points For Phishing Attacks

By   ISBuzz Team
Writer , Information Security Buzz | Feb 20, 2019 06:30 am PST

In a report released today and shared with Bleeping Computer, international security company Group-IB specialized in preventing cyberattacks describes a so called cross-border domino-effect that can lead to spreading an infection beyond the initial target. The report is based on information from incident response work conducted in 2018 by the company’s team of computer forensics experts. 

Experts Comments below: 

Corin Imai, Senior Security Advisor at DomainTools:

“This is something of a perfect storm for cybercriminals, and is an example that clearly illustrates why all businesses need to continue to focus on security. The financial institutions targeted now not only have to deal with the fact they have been compromised by a threat actor, but are also now part of the cybercrime supply chain themselves as a result. Being responsible for facilitating further phishing incidents is likely not only to erode trust between the banks they have unwittingly helped scam, but is likely to see the financial institutions running foul of legislation aimed at preventing these kind of events, inviting potential legal action. Rigorous and regular cybersecurity audits are necessary to prevent these incidents, and to make sure if they do happen they are shut down as soon as possible.” 

Dean Ferrando, Systems Engineer Manager for EMEA at Tripwire:

“It is worrying to witness phishing campaigns increase in sophistication to the point of using a breach to impersonate an organisation as trusted as a bank to gain access to even more networks and as such, customer data. This does pose a wider question about the need of a concerted effort to not only prevent these sort of attacks but also to educate the public in being more vigilant on who they think they can trust. Security has become a collective problem. It is no longer a matter of organisations just protecting themselves and their digital assets, but a matter of not allowing one weak link in a network of organisations to become the enabler of much larger criminal endeavour.”