VB2016 paper: Modern attacks on Russian financial institutions

Posted by   Martijn Grooten on   Dec 12, 2016

Today, we publish the VB2016 paper "Modern attacks on Russian financial institutions" (here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton Cherepanov.

In it, they look at a number of groups that have performed sophisticated attacks against a number of Russian financial institutions. The work of these groups demonstrates the increasing sophistication and professionalization of cybercrime.

Today, the paper's authors have also published a blog post about the paper on ESET's We Live Security blog, in which they point out a misunderstanding in the way the Russian banking system works, which has led to a few news reports initially misreporting a theft at the Russian Central Bank while, in fact, the attack affected commercial banks.

Fig4-FinCERT_decoy_document.png

We have also uploaded the video of the presentation to our YouTube channel.

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Standalone product test: FireEye Endpoint

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

VB2017 video: Consequences of bad security in health care

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at…

Vulnerabilities play only a tiny role in the security risks that come with mobile phones

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

VB2017 paper: The (testing) world turned upside down

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

Trickbot, a banking trojan which appeared this year, seems to be a new, more modular, and more extensible malware descendant of the notorious Dyre botnet trojan. At VB2017, Symantec researcher Andrew Brandt presented a walkthrough of a typical…