Skip to main content

ALERT!!! Hackers Are Now Targeting Banks Worldwide With Evolving Tactics.Hhahahaaha, Lucky are those who Carefully Read and Pay attention to articles Published on Our Website.Thanks...Read the Full Details here https://osutayusuf.blogspot.com and for many more updates.

Silence APT, a Russian-speaking cybercriminal group, known for targeting financial organizations primarily in former Soviet states and neighboring countries is now aggressively targeting banks in more than 30 countries across America, Europe, Africa, and Asia.
Active since at least September 2016, Silence APT group's most recent successful campaign was against Bangladesh-based Dutch-Bangla Bank, which lost over $3 million during a string of ATM cash withdrawals over a span of several days.
According to a new report Singapore-based cybersecurity firm Group-IB shared with The Hacker News, the hacking group has significantly expanded their geography in recent months, increased the frequency of their attack campaigns, as well as enhanced its arsenal.
The report also describes the evolution of the Silence hacking group from "young and highly motivated hackers" to one of the most sophisticated advanced persistent threat (APT) group that is now posing threats to banks worldwide.
Silence APT hacking group has updated their unique TTP (tactics, techniques, and procedures) and changed their encryption alphabets, string encryption, and commands for the bot and the main module to evade detection by security tools.
"In addition, the actor has completely rewritten TrueBot loader, the first-stage module, on which the success of the group's entire attack depends. The hackers also started using Ivoke, a fileless loader, and EDA agent, both written in PowerShell," the researchers said.
EDA is a PowerShell agent, designed to control compromised systems by performing tasks through the command shell and tunneling traffic using the DNS protocol, and is based on the Empire and dnscat2 projects.
hacking groups
Just like most hacking groups, Silence gang also relies on spear-phishing emails with macros Docs or exploits, CHM files, and .LNK shortcuts as malicious attachments to initially compromise their victims.
Once in a victim organization, the group leverages more sophisticated TTPs and deploy additional malware, either TrueBot or a new fileless PowerShell loader called Ivoke, both designed to collect information about an infected system and send it to an intermediate CnC server.
To choose their targets, the group first create an up-to-date "target list" of active email addresses by sending "recon emails," which usually contain a picture or a link without a malicious payload.
"These campaigns were no longer focused just on Russia and former Soviet countries but spread across Asia and Europe. Since our last public report, Silence has sent out more than 170,000 recon emails to banks in Russia, the former Soviet Union, Asia, and Europe," the report reads.
"In November 2018, Silence tried their hand at targeting the Asian market for the first time in their history. In total, Silence sent out about 80,000 emails, with more than half of them targeting Taiwan, Malaysia, and South Korea."
Featuring Silence APT group's latest campaigns—from May 2018 through 1 August 2019—researchers described the increase in damage from their operations and confirmed that the amount of funds stolen by Silence had increased fivefold since its initial stage, estimating the total loss of $4.2 million.
Besides this, Group-IB researchers also suspect that TrueBot (aka Silence.Downloader) and FlawedAmmyy loader have been developed by the same person as both malware were signed with the same digital certificate.
phishing emails
FlawedAmmyy loader is a remote access Trojan (RAT) associated with TA505, a separate Russian-speaking threat group responsible for many large-scale attacks involving highly targeted email attacks as well as massive, multi-million message campaigns since at least 2014.
"The growing threat posed by Silence and its rapid global expansion prompted us to make both reports publicly available in order to help cyber security specialists detect and correctly attribute Silence's worldwide attacks at an early stage," the researchers said.
Group-IB researchers did not share the names of the banks targeted by Silence APT but said that the group successfully targeted banks in India (in August 2018), Russia (in February 2019, Russian "IT Bank"), Kyrgyzstan (in May 2019), Russia (in June 2019), and Chile, Ghana, Costa Rica, and Bulgaria (in July 2019).
Group-IB has published more detailed findings about Silence APT in its new report titled, "Silence 2.0: Going Global." You can head on to its report for more information.


Comments

Popular posts from this blog

We Bring You Brief Series of Sanctions Against Uganda Government Officials.

📸: Gen Abel Kandiho. On 9-December-2021, USA slapped sanctions against the then CMI Commander Gen Abel Kandiho. 📸: Gen Kale Kayihura. On 9-December-2022, UK slapped sanctions against former Police Boss Gen Kale Kayihura. 📸: Commissioner General of Prisons, Johnson Byabashaija. Again on this 4-December-2023, the same USA has slapped sanctions against Uganda Prisons Commander Johnson Byabashaija over alleged torture and human rights abuses in Prisons across Uganda. We ask, has USA and UK made December as an LCM to slap sanctions against high ranking government officials in Uganda even when the sanctions just remain on paper without deeper investigations to ascertain logical conclusions or remedy to that effect ?. #iip_updates  #Information_is_Power  #we_inform_the_uninformed

How to Host a Website for Free From Your PC or Laptop.

Why pay for a web hosting service when your old computer can do the same thing? Learn how to self-host your site. If you're planning to launch a website but don't want to pay recurring monthly or annual hosting fees, you can use any old laptop or desktop PC to host a website for free. It's a great way to utilize your old system instead of throwing it away. In this guide, we will install and set up services on our 10-year-old laptop to host a WordPress, Joomla, or custom HTML or PHP-based website with a free SSL certificate. MAKEUSEOF VIDEO OF THE DAY Things You Will Need to Host a Website Following are the pre-requisites to host a website for free from home with just your computer: An old laptop or PC running Ubuntu Server. A registered domain name for your website Ethernet cable to connect the laptop or PC to router for reliable and fast connection Step 1: Update and Upgrade the Packages After  installing Ubuntu Server on your computer , execute the following c...

WHERE IS MINISTER OF SEX SIMON LOKODO?. (He deserves a battle of soda from me! Ministe`r esalanga mabee. He is quick to run after Mrs Dr Stella Nyanzi and other Opposition elements. Government aza aza edo zuu vaa kpere bua). Anyway, below is the article! POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit'  Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos. Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.

POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit' Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says  Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos . Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.