They say that imitation is the sincerest form of flattery. In this case, it is a new financial hacking team, dubbed ‘Silence’ by Kaspersky Lab, that is taking inspiration from preeminent cybercrime outfit Carbanak, which is believed to have harvested over $1bn from the international finance sector.
While the two hacking groups are not related, Silence has also been using a compromised financial network to launch spear-phishing attacks on Russian, Armenian and Malaysian banks. Using a similar method to Carbanak, it has exploited the inherent vulnerability of financial institutions, as demonstrated by the 2013-2015 Carberp Trojan, the JP Morgan data breach in 2014 and the 2016 SWIFT hack.
Silence’s emails, which look like an authentic request to open a bank account, release a backdoor that infiltrates the bank’s system. This allows the attackers to gather information on the target organisation’s internal processes by using screen grabs to monitor daily activity. They then use this knowledge to syphon off large sums of money.