'Moneytaker' group steals millions from United States, worldwide banks

Share

A previously undetected hacker group has netted around $10 million in heists on at least 20 companies, in some cases by targeting the transfer networks banks use to transfer money, a Moscow-based security firm said Monday.

Group-IB connected the dots between attacks conducted by MoneyTaker through the tools used, attack infrastructure, and withdrawal schemes which had a particular signature - the use of unique accounts for each transaction.

The first attack occurred in the spring of 2016 against banks in First Data's "STAR" network, the largest US bank messaging system connecting ATMs at more than 5,000 organizations, Group-IB researchers said in a 36-page report.

Though the connection is not well established in the report, Group IB believes the same attackers also struck an additional Russian bank where the Moneytaker malware was not used. Two of the targets were located in Russian Federation, one target was in the United Kingdom, and the rest were in the US.

PM Modi must apologise, Manmohan reiterates this time in a video
Singh issued a statement after reports of him attending a meeting where a Pakistan envoy was present. Hours after that meeting, Manmohan Singh surfaced with a video message for PM Modi.

The hackers use malware that's stored nearly entirely in computer memory, a feature that makes them extremely hard to detect by antivirus defenses.

While it's not clear who's behind MoneyTaker, you're only hearing about them now because they're particularly clever.

"The success of replacement is due to the fact that at this stage the payment order has not yet been signed, which will occur after payment details are replaced", the researchers say.

Group-IB said it had notified Interpol and Europol in order to assist in law enforcement investigations. "This gives cybercriminals extra time to mule funds before the theft is detected".

Omarosa's departure highlights lack of White House diversity
Late Night host Seth Meyers recapped Omarosa's time in the White House by explaining how absurd the whole episode was. Manigault Newman also denies reports that she made a scene while being escorted from the White House grounds.

MoneyTaker members also targeted an interbank network known as AWS CBR which interfaces with Russia's central bank.

Group-IB, an worldwide company that investigates into high-tech crimes and online fraud, warned that the attacks, which began 18 months ago and allow money to be stolen from banks' automated teller machines (ATMs), appear to be ongoing and that banks in Latin America could be targeted next. In addition, the hackers may employ fileless malware and fake SSL certificates generated using the names of well-known legitimate brands including Yahoo, Microsoft, and Bank of America.

The firm said it was continuing to investigate a number of incidents where hackers studied how to make money transfers through the SWIFT banking system, while stopping short of saying whether any such attacks had been carried out successfully. "In addition, incidents occur in different regions worldwide and at least one of the United States banks targeted had documents successfully exfiltrated from their networks, twice". "Their contents and geography indicate that banks in Latin America may be targeted next by MoneyTaker".

Mn Services Vermogensbeheer BV Acquires 1600 Shares of Caterpillar, Inc. (NYSE:CAT)
While take a short look on price to sales ratio, that was 1.99 and price to earning ration of 99.87 attracting passive investors. Ccm Invest Advisers Ltd Liability accumulated 1.82% or 86,620 shares. 12 funds opened positions while 37 raised stakes.

Share