Contact Contact Us

Two Hacker Groups Target Russian Financial Institutions

Two hacker groups – Silence and MoneyTaker – have been targeting Russian financial institutions with phishing emails designed to look like they come from the Central Bank of Russia (CBR) and Financial Sector Computer Emergency Response Team (FinCERT). The Silence group masqueraded as the CBR and sent phishing emails containing zipped files that downloaded the Silence downloader. The MoneyTaker group impersonated the FinCERT and disseminated decoy documents that downloaded the Meterpreter Stager. Researchers believe both hacker groups likely obtained the decoy documents from previously compromised mailboxes of employees at Russian financial institutions.

References:
[1] Two hacker groups attacked Russian banks purporting to be the Central Bank of Russia

Ensign InfoSecurity Singapore
6 Commonwealth Lane
Singapore 149547

Tel: +65 6788 2882
Fax: +65 6788 3883