Finance

Multiple Financial Institutions Hit by Commoditised Tools

15 - 22 January 2019

West African financial institutions have been targeted in a series of cyber attacks that leverage living off the land tactics and off-the-shelf, commodity malware.
Cyber_News_Finance
West African financial institutions have been targeted in a series of cyber attacks that leverage living off the land tactics and off-the-shelf, commodity malware. The attacks were observed since mid-2017 and affected organisations in Cameroon, Congo (DR), Ghana, Equatorial Guinea, and Ivory Coast. The latest attack detected in December 2018 was directed at a financial organisation in Ivory Coast where the Imminent Monitor remote access tool (RAT) was deployed. The attacker also used legitimate administrative tools at the compromised host such as PowerShell, PsExec, UltraVNC and RDP to maintain persistence and execute payload. While commodity malware are not as powerful or stealthy as custom-developed tools, it adds a level of anonymity to the attacks, making attribution difficult.

References:
[1] West African Financial Institutions Hit by Wave of Attacks
 
 
 
 

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence