Lazarus hackers: Newly uncovered evidence indicates that the hackers blamed for the attacks that led to the Sony Pictures hack and the Bangladesh Central Bank heist have launched a new wave of attacks.
The so-called Lazarus hackers are reportedly targeting banks and other organizations in 31 countries, according to a warning today from Symantec.
The new attacks appear to have been discovered after a hacking attempt against Polish banks left them overrun with malware. The malware was delivered through the hacked Polish financial regulator, and a warning about these attacks “shared indicators of compromise (IOCs)”.
The attackers appear to use compromised websites to redirect visitors to a custom exploit kit, which is pre-configured to infect only visitors from around 150 different IP addresses. These IP addresses belong to 104 different organizations located in 31 different countries. The overwhelming majority of these organizations are banks, with a small number of telecommunications companies and internet businesses.
The Lazarus hackers have been linked to a series of attacks in 2009 that targeted businesses in the US and South Korea. Some of the tools used in the Bangladesh Central Bank hack contain code very similar to malware used in other attacks. One of those was the hack of Sony Pictures, which resulted in the company's movies being leaked online before their official screening.
According to Symantec, the latest malware used in the attacks on Polish banks shares similar code with the malicious software the Lazarus hackers used in the attacks against Sony.
More details about the attacks on Symantec's blog:
https://www.symantec.com/connect/blogs/attackers-target-dozens-global-banks-new-malware-0