In September 2017 Kaspersky Lab researchers identified a new series of targeted attacks against at least 10 financial organizations in multiple regions including Russia, Armenia, and Malaysia. The hits are being performed by a new group called Silence. While stealing funds from its victims, Silence implements specific techniques similar to the infamous threat actor, Carbanak. The attacks are still ongoing.

 

Silence joins the ranks of the most devastating and complex cyber-robbery operations like Metel, GCMAN and Carbanak, which have succeeded in stealing millions of dollars from financial organizations.

 

Most of these operations embrace the following technique: they gain persistent access to internal banking networks for a long period, monitor its day to day activity, examine the details of each separate bank network, and then when the time is right, they use that knowledge to steal as much money as possible.

 

This is exactly the case with Silence Trojan – which compromises its victim’s infrastructure via spear phishing emails.

 

The malicious attachments to the emails are quite sophisticated. Once the victim opens them, it takes just one click to initiate a series of downloads and finally execute the dropper. This communicates with the command and control server, sends the ID of the infected machine, and downloads and executes malicious payloads, responsible for various tasks like screen recording, data uploading, the theft of credentials, remote control etc.

 

Interestingly, the criminals exploit the infrastructure of already infected financial institutions for new attacks, by sending emails from real employee addresses to a new victim, along with a request to open a bank account. Using this trick, criminals make sure the recipient is unsuspicious of the infection vector.

 

When cybercriminals gain persistence in the network they start to examine it. The Silence group is capable of monitoring its victim’s activities, including taking multiple screenshots of the victim’s active screen, providing a real-time video stream of all the victim’s activities, etc.

 

All of the features serve one purpose: to understand the victim’s day to day activity and obtain enough information to eventually steal money. This process and style strongly resembles the techniques of Carbanak.

 

Based on language artifacts found during their research into the malicious components of this attack, Kaspersky Lab security researchers have concluded that the criminals behind the malicious Silence attacks speak Russian.

 

“The Silence Trojan is a fresh example of cybercriminals shifting from attacks on users to direct attacks on banks. We have seen this trend growing recently, as more and more slick and professional APT-style cyber-robberies emerge and succeed. The most worrying thing here is that due to their in-the-shadow approach, these attacks may succeed regardless of the peculiarities of each bank’s security architecture,” notes Sergey Lozhkin, security expert atKaspersky Lab.

 

Kaspersky Lab researchers advise organizations to take the following measures, in order to protect themselves from possible cyberattacks:

  •  Use a specialized solution against advanced threats that can detect all types of anomalies and scrutinize suspicious files at a deeper level to reveal, recognize and uncover complex attacks – like Kaspersky Anti Targeted Attack Platform.
  • Eliminate security holes altogether, including those involving improper system configurations or errors in proprietary applications. For this, Kaspersky Penetration Testing and Application Security Assessment services are a convenient and highly effective solution, providing not only data on found vulnerabilities, but also advising users on how to fix it, further strengthening corporate security.
  • Configure strict email processing rules and enable security solutions with dedicated functionality aimed at phishing, malicious attachments and spam – for example, cloud-assisted anti-phishing and attachment-filtering in Kaspersky Endpoint Security and targeted security solutions for email protection.

 

Find more about Silence Trojan and indicators of compromise on Securelist.com.

 

More information about Silence Trojan is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com


RECOMMENDED ARTICLE FOR TECHWORLD


 
Lenovo Continues Support for ‘Outstanding Tech Visionary’
Techworld Date Posted: 2 October 2018 11:22 AM | 204 Views
Lenovo, a global leader in PC and smart devices, recently renewed its support to the youth by providing additional laptop grants to the University of the Philippines Genetic Researchers and Agricultural Innovators Society (UP.... See More
 
Lenovo Continues Support for ‘Outstanding Tech Visionary’
Techworld Date Posted: 11:22 AM | 204 Views
Lenovo, a global leader in PC and smart devices, recently renewed its support to the youth by providing additional laptop grants to the University of the Philippines Genetic Researchers and Agricultural Innovators Society (UP...See More

 
Lazada Hacks: 6 Ways to Save on Realme C1
Techworld Date Posted: 7 December 2018 8:59 AM | 122 Views
Christmas is just around the corner! Celebrate the festive season with a discounted treat from Realme’s #RealEntryLevelKing – Realme C1. Sharing with you some Lazada hacks to score Realme C1 even lower than the.... See More
 
Lazada Hacks: 6 Ways to Save on Realme C1
Techworld Date Posted: 8:59 AM | 122 Views
Christmas is just around the corner! Celebrate the festive season with a discounted treat from Realme’s #RealEntryLevelKing – Realme C1. Sharing with you some Lazada hacks to score Realme C1 even lower than the...See More

 
Botnet Activity in H1 2018: Multifunctional Bots Becoming More Widespread
Techworld Date Posted: 3 September 2018 5:14 PM | 22 Views
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world. . See More
 
Botnet Activity in H1 2018: Multifunctional Bots Becoming More Widespread
Techworld Date Posted: 5:14 PM | 22 Views
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world. See More

 
Introducing the new special editions to the moto g family moto G5s and moto G5s plus
Techworld Date Posted: 14 October 2017 2:30 PM | 481 Views
Motorola continues to bring unique and intuitive user experiences that Filipinos love and the two new additions to its moto g family: moto g5s and moto g5s plus, come with the latest innovations in.... See More
 
Introducing the new special editions to the moto g family moto G5s and moto G5s plus
Techworld Date Posted: 2:30 PM | 481 Views
Motorola continues to bring unique and intuitive user experiences that Filipinos love and the two new additions to its moto g family: moto g5s and moto g5s plus, come with the latest innovations in...See More

 
Philippine Robotics Team Awarded to Compete Globally
Techworld Date Posted: 24 August 2018 4:33 PM | 469 Views
Various schools across the country will represent the Philippines at the World Robotics Olympiad 2018 (WRO 2018) happening on November 15 to 19 in Chiang Mai, Thailand, after being proclaimed as winners of the.... See More
 
Philippine Robotics Team Awarded to Compete Globally
Techworld Date Posted: 4:33 PM | 469 Views
Various schools across the country will represent the Philippines at the World Robotics Olympiad 2018 (WRO 2018) happening on November 15 to 19 in Chiang Mai, Thailand, after being proclaimed as winners of the...See More

 
From Shaking Their Hands to Paying off Their Debts: Third party Cybersecurity Failures Cost Businesses the Most
Techworld Date Posted: 25 September 2017 11:26 AM | 334 Views
While more companies are investing in cybersecurity regardless of ROI (63% in 2017 compared to 56% in 2016), a new study from Kaspersky Lab and B2B International has found that the average cost of.... See More
 
From Shaking Their Hands to Paying off Their Debts: Third party Cybersecurity Failures Cost Businesses the Most
Techworld Date Posted: 11:26 AM | 334 Views
While more companies are investing in cybersecurity regardless of ROI (63% in 2017 compared to 56% in 2016), a new study from Kaspersky Lab and B2B International has found that the average cost of...See More

 
Fujitsu Selects Cebu for Philippines Expansion
Techworld Date Posted: 19 October 2017 5:27 PM | 458 Views
From L-R:Arlene Gregorio, Head of Fujitsu's Global Delivery Center in the Philippines, Hidenori Furuta, Executive Vice President and Head of Global Delivery, Monchito Ibrahim: Undersecretary of the Department of Information and Communications Technology of.... See More
 
Fujitsu Selects Cebu for Philippines Expansion
Techworld Date Posted: 5:27 PM | 458 Views
From L-R:Arlene Gregorio, Head of Fujitsu's Global Delivery Center in the Philippines, Hidenori Furuta, Executive Vice President and Head of Global Delivery, Monchito Ibrahim: Undersecretary of the Department of Information and Communications Technology of...See More

 
UBTECH Robotics Introduces the Alpha1 Pro Humanoid Robot to Philippines
Techworld Date Posted: 28 September 2017 4:33 PM | 754 Views
UBTECH Robotics, the company best known globally as the industry leader in artificial intelligence and humanoid robotics today introduced the Alpha1 Pro interactive consumer robot in the Philippines. Alpha1 Pro is a household programmable humanoid.... See More
 
UBTECH Robotics Introduces the Alpha1 Pro Humanoid Robot to Philippines
Techworld Date Posted: 4:33 PM | 754 Views
UBTECH Robotics, the company best known globally as the industry leader in artificial intelligence and humanoid robotics today introduced the Alpha1 Pro interactive consumer robot in the Philippines. Alpha1 Pro is a household programmable humanoid...See More

 
iPhone Xs and Xs Max, Now Available in Power Mac Center
Techworld Date Posted: 5 November 2018 5:21 PM | 44 Views
Power Mac Center, the premier Apple partner in the country, recently welcomed the arrival of iPhone Xs, iPhone Xs Max, and Apple Watch Series 4 with a midnight launch party at its flagship store.... See More
 
iPhone Xs and Xs Max, Now Available in Power Mac Center
Techworld Date Posted: 5:21 PM | 44 Views
Power Mac Center, the premier Apple partner in the country, recently welcomed the arrival of iPhone Xs, iPhone Xs Max, and Apple Watch Series 4 with a midnight launch party at its flagship store...See More

Rafael Aquino
The Threadripper’s Simple Complexity
Techworld • By: Rafael Aquino | Date Posted: 29 July 2017 4:30 PM | 83 Views
The AMD Ryzen Threadripper is by far the most powerful processor to date. 12 cores and 24 threads each, that is absolutely dwarfing any other processor ever created in the history of mankind. But.... See More
Rafael Aquino
The Threadripper’s Simple Complexity
Techworld • By: Rafael Aquino | Date Posted: 4:30 PM | 83 Views
The AMD Ryzen Threadripper is by far the most powerful processor to date. 12 cores and 24 threads each, that is absolutely dwarfing any other processor ever created in the history of mankind. But...See More


Power by

Download Free AZ | Free Wordpress Themes