What's surprising? The root of the malware infection is their ain fiscal regulator, the Polish Financial Supervision Authority (KNF) -- which, ironically, is meant to proceed an optic out for the security as well as security of fiscal systems inward Poland.
During the past times week, the security teams at several unnamed Polish banks discovered malicious executables on the workstations of several banks.
The KNF confirmed that their internal systems had been compromised past times person "from around other country," although no specifications were provided.
After downloads of suspicious files that were infecting diverse banking systems had been discovered on the regulator's servers, the KNF decided to get got downwardly its entire organisation "in social club to secure evidence."
Here's what happened:
Once downloaded as well as executed, the malware connected to around unusual servers to perform diverse malicious tasks such equally reconnaissance, information exfiltration, as well as post service exploitation.
This item malware appears to hold upwards a novel strain of nasty software which has never seen earlier inward alive attacks as well as has a cipher detection charge per unit of measurement on VirusTotal.
In around cases, the attackers fifty-fifty managed to hit command over critical servers inside the targeted bank's infrastructures.
Security blogger BadCyber spoke to several banks, as well as around xx commercial banks across Poland get got already confirmed beingness victims of a malware infection patch other banks proceed looking.
The affected banks discovered the encrypted executable files on several servers as well as unusual network traffic going to uncommon IP addresses situated inward other unusual countries.
Both the KNF as well as the Polish regime confirmed local Polish media that the investigation is ongoing as well as that at that topographic point is no indication of people's coin beingness affected inward the assail as well as no operations were affected.
