2016-03-20

Bangladesh Bank hit by $1 Billion cyber heist

Four requests to transfer a total of about $81 million to the Philippines went through, but a fifth, for $20 million, to a Sri Lankan non-profit organisation got held up because the hackers misspelled the name of the NGO.
At the same time the unusually high number of payment instructions and the transfer requests to private entities ... made the Fed suspicious, which also alerted the Bangladeshis ... The transactions that got stopped totalled between $850 million and $870 million.
Story here & here.

Update 24-Apr-2016:
The bank's security was in a pitiful condition!
Bangladesh's central bank was vulnerable to hackers because it did not have a firewall and used second-hand, $10 switches to network computers connected to the SWIFT

Update 27-Apr-2016:
A very sophisticated attack, which makes sense given that the attackers targeted almost $1B from this one bank alone, and maybe others.
That apparently allowed the attackers to delete outgoing transfer requests and intercept incoming requests, as well as change recorded account balances – effectively hiding the heist from officials.
The malware even interfered with a printer to ensure that paper copies of transfer requests didn’t give the attack away.

Update 13-May-2016:
Another bank hit, by the same malware

Update 27-May-2016:
More banks are investigating a potential breach. Ecuador Bank becomes the third victim!

Update 28-May-2016:
Is North Korea responsible?

An interesting article with all the known facts from the Bangladesh hack.

Update 29-Jun-2016:
A Ukrainian bank loses 10M to a SWIFT attack.

Update 11-Nov-2016:
$15M recovered by the Bangladesh Bank, thanks to the courts.

Update 07-Apr-2017:
Lazarus Group exposed, with links to North Korea.

2016-03-11

Ukraine's Power Grid hacked

This was one of the concerns highlighted by the American government as well. Russia becomes the first in the world to suffer a power outage because of hackers.
The hackers who struck the power centers in Ukraine—the first confirmed hack to take down a power grid—weren’t opportunists who just happened upon the networks and launched an attack to test their abilities; according to new details from an extensive investigation into the hack, they were skilled and stealthy strategists who carefully planned their assault over many months, first doing reconnaissance to study the networks and siphon operator credentials, then launching a synchronized assault in a well-choreographed dance.
Update Dec-2016:
Another attack confirmed in Ukraine.

2016-03-06

Veil Framework – Antivirus Evasion Framework

As if there weren't already enough frameworks to help the bad guys get organized.
The Veil-Framework is a collection of red team security tools that implement various attack methods focused on antivirus evasion and evading detection.
Details here.

DROWN Attack

Yet another attack on SSL, this time on version 2!
More here.