North Korean hacking group allegedly targets Turkish financial institutions

North Korean hacking group allegedly targets Turkish financial institutions

ISTANBUL
North Korean hacking group allegedly targets Turkish financial institutions

A suspected North Korean cybercrime group, known as the “Hidden Cobra,” targeted Turkey’s financial industry earlier this month, U.S.-based cyber firm McAfee claimed on March 8 in a report published on its blog, securingtomorrow.mcafee.com.

“We observed the return of Hidden Cobra’s Bankshot malware implant surfacing in the Turkish financial system. Based on the code similarity, the victim’s business sector, and the presence of control server strings, this attack resembles previous attacks by Hidden Cobra conducted against the global financial network SWIFT,” the company stated.

The cyber-attack on Turkey’s financial sector reportedly occurred on March 2 and March 3 and it was intended to gain access to specific financial organizations.

“The implant’s first target was a major government-controlled financial organization. It next appeared in another Turkish government organization involved in finance and trade. A further three large financial institutions in Turkey were victims of this attack,” the company said, without naming the financial organizations or institutions allegedly targeted.

It noted that the implant has so far not surfaced in any other sector or country.

Phishing mails

Financial organizations in Turkey were targeted via spear phishing emails containing a malicious Microsoft Word document which contains an embedded Adobe Flash exploit, McAfee stated.

Bankshot implant, which was first reported by the U.S. Department of Homeland Security in December 2017, is designed to persist on a victim’s network for further exploitation.

Bankshot implants are distributed from a domain with a name similar to that of the cryptocurrency-lending platform Falcon Coin, but the similarly named domain is not associated with the legitimate entity, according to the report.

McAfee warned that the latest campaign suggests the attackers may plan a future heist against these targets by using Bankshot to gather information.

The Turkish authorities have not yet commented on the alleged cyber-attack report.

Not the first cyber-attack on Turkey’s finance industry

In 2015 and 2016, a series of cyberattacks targeted SWIFT, a Belgium-based co-operative owned by its user banks including both central banks and commercial banks.

SWFIT handles trillions of dollars in fund transfers daily, and is considered the backbone of international banking.

During the campaign of cyber-attacks on the SWIFT transfer system, hackers also targeted the Turkish lender Akbank in December 2016.

Akbank said at the time that it faced a liability of up to $4 million from the incident but “no customer information was compromised.”

banking group, Hacking,

Quark.Models.Entities.Ancestor?.Title?.ToUpperInvariant() Erdoğan calls for greater anti-terror solidarity with Germany

Erdoğan calls for greater anti-terror solidarity with Germany
LATEST NEWS

  1. Erdoğan calls for greater anti-terror solidarity with Germany

    Erdoğan calls for greater anti-terror solidarity with Germany

  2. Erdoğan, Özel hold talks in parliament, schedule follow-up meeting

    Erdoğan, Özel hold talks in parliament, schedule follow-up meeting

  3. Türkiye never discriminates its Armenian citizens: Erdoğan

    Türkiye never discriminates its Armenian citizens: Erdoğan

  4. Türkiye considers bandwidth throttling against X

    Türkiye considers bandwidth throttling against X

  5. Political parties should distance themselves from terrorist groups: Minister

    Political parties should distance themselves from terrorist groups: Minister
Recommended
Domestic tourism spending rises 100 percent in 2023

Domestic tourism spending rises 100 percent in 2023
Renault revenue rises despite negative currency hit

Renault revenue rises despite negative currency hit
Turnover of shopping centers soar in February

Turnover of shopping centers soar in February
Eurozone business activity accelerates in April

Eurozone business activity accelerates in April
Italys deficit grew to 7.4 pct of GDP last year

Italy's deficit grew to 7.4 pct of GDP last year
Tensions between Beijing and Washington irk US companies

Tensions between Beijing and Washington irk US companies
Foreign investors have no doubt about economic program: Şimşek

Foreign investors have no doubt about economic program: Şimşek
WORLD US passes $95 billion aid package to Israel, Ukraine

US passes $95 billion aid package to Israel, Ukraine

The Senate has passed $95 billion in war aid to Ukraine, Israel and Taiwan, sending the legislation to President Joe Biden after months of delays and contentious debate over how involved the United States should be in foreign wars.
ECONOMY Domestic tourism spending rises 100 percent in 2023

Domestic tourism spending rises 100 percent in 2023

Expenditures of domestic travelers amounted to 229.8 billion Turkish Liras last year, rising 101 percent from 2022, data from the Turkish Statistical Institute (TÜİK) have shown.
SPORTS Tour of Türkiye embarks on 8-stage journey

Tour of Türkiye embarks on 8-stage journey

The 59th Presidential Cycling Tour of Türkiye (TUR) kicks off on April 21 in the Mediterranean resort city of Antalya with the participation of 25 professional cycling teams.