Since 2002, hackers for hire have attacked over 300 banks and businesses
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.
September 16, 2014
Undetected for over 12 long years, a group of hackers for hire have hacked into over 300 banks, large corporations and government agencies. This is possibly the longest hacking campaign of its kind.
Based in Germany, the hackers registered 800 front businesses in Britain to target and then fully compromise organizations in Germany itself, Switzerland and then Austria at the request of customers.
Elite Cyber Solutions chief executive Jonathan Gad said yesterday that the damage done to companies since the attacks began in 2002 was immeasurable.
"The network exploited U.K.'s relatively tolerant requirements for purchasing SSL security certificates at that time and established British front companies so they could emulate legitimate web services," Gad said.
"The German attackers behind the network then had total control over the targeted computers and were able to carry out their espionage undisturbed for several years.
"The damage to the organizations who have been victims in terms of loss of valuable data, income or the exposure of information related to employees and customers is impossible to estimate," he added.
The Harkonnen Operation attack was detailed an eponymously named special report that found companies were compromised by seemingly generic trojans foisted through spear-phishing attacks.
For now, it's still unknown if an anti-virus program wasn't run at compromised organizations, failed to detect the threat or could not due to the malware being encrypted or otherwise obfuscated.
The trojans detected in the attacks were GFILTERSVC.exe from the generic trojan family Trojan.win7.generic.bt and wmdmps32.exe.
Those specific attacks were first detected in a German organization that held "extremely sensitive information" that utilized security equipment worth tens of thousands of Euros every year run by security personnel the researchers said were very talented and operated according to current security standards.
The criminals spent over $150,000 on thousands of domain names, IP addresses and wildcard certificates to make its Britain businesses appear legitimate, when in fact they were not.
Source: Elite Cyber Solutions.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!