Intelligence summary
- In the spotlight this week: A surge in financially motivated cyber-attack campaigns has been attributed to “Silence”, which is a probably Russian cybercriminal group. Its members have purportedly conducted 16 new campaigns targeting banks around the world. Silence attacks have grown in maturity and sophistication, and the group should be considered a credible threat to the financial services sector for the short- to mid-term future (3 to 12 months).
- Weekly highlights include: a recent campaign by “APT28” using a Dynamic Link Library (DLL) backdoor; continued activity attributed to the “Magecart” threat umbrella, which remains active in the retail sector; and more targeting of South Korean cryptocurrency exchanges by the “Lazarus Group”.