Experts from Kaspersky Lab and Sberbank, one of the largest banks in Russia, worked closely with Russian law enforcement agencies on the investigation into the Lurk gang, which led to the arrest of 50 people. The detainees are suspected of involvement in creating the network of infected computers used to steal more than $45 million from banks, other financial institutions and companies.
The activity had been going on since 2011. It is the largest arrest of hackers in the country's history. In 2011, experts detected the activity of an organized cybercriminal gang that used the Lurk Trojan (sophisticated, versatile, multi-module malicious software with broad functionality) to gain access to victims' computers. In particular, the gang sought access to remote banking services in order to steal money from customers' accounts.
Specialists took part in the law enforcement investigation into the Lurk gang from the outset. Early on they realized that Lurk is a group of Russian hackers that poses a serious threat to organizations and users, and not only in Russia. The gang started attacking banks and a half years ago; earlier, the targets of this malicious software were the systems of various companies and customers. The computers and servers belonging to the hackers' network were analyzed and identified. Armed with this knowledge, the police could identify the suspects and collect evidence of the crimes committed.
During the arrests, Russian police managed to prevent fraudulent money transfers worth more than 30 million dollars.
To spread the malware, the Lurk group infected a number of legitimate websites, including leading media and information services. The infection exploited vulnerabilities in the servers of the attacked parties. It was enough for a victim to visit an infected site for their computer to be infected with the Lurk Trojan. Once inside the computer, the malware began downloading additional modules, which allowed it to steal the victim's money.
The media were not the only non-financial target of this group. To hide their tracks behind VPN connections, the criminals also broke into a variety of IT and telecom companies, using their servers to preserve anonymity.
The Lurk Trojan is distinguished by the fact that its malicious code is not stored on the disk of the infected computer, but only in RAM. Moreover, its creators tried to make it as difficult as possible for antivirus solutions to detect the threat. To do this, they used various VPN services, the Tor anonymity network, modified Wi-Fi access points and servers belonging to victim IT organizations.
Experts urge users and companies to pay more attention to their protection mechanisms and to carry out regular security checks of their IT infrastructure. It is also extremely important to teach employees the basics of responsible behavior on the Internet.
In addition, companies should implement security measures that allow them to detect targeted attacks. The best strategy is to complement risk prevention with threat detection and response mechanisms. Even the most sophisticated targeted attacks can be identified by activity that is unusual compared with normal business processes.
SLK