Australian banking and financial institutions received extortion emails threatening distributed denial-of-service (DDoS) attacks against them. To call off the attacks, the extortioners demanded a ransom paid in Monero (XMR) cryptocurrency. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of this extortion campaign and has issued threat advice to all Australian organizations.
The DDoS Scare for Australian Banks
The Silence Hacking Crew claimed responsibility for this threat campaign; however, the ACSC had not been able to confirm these claims at the time of going to print. The Silence hackers are one of the most active advanced persistent threat (APT) groups, reportedly backed by Russian state sponsors. The crew is specifically targeting the financial sector because of the huge amount of customer PII that these institutions possess (which also makes them most vulnerable in case of a cyberattack) and their capability of paying larger ransom amounts.
The ACSC confirmed that although the ransom-driven DDoS (better known as RDoS) campaign has been running actively across the country, no instances of successful DDoS attacks have been reported yet. However, it also advised that being prepared for this type of cyberattack, before a DoS attack is initiated, is the best immediate incident response strategy.
Silence Hackers Target Banks Around the Globe
Earlier, in January 2020, researchers from Kaspersky discovered thousands of attack notifications on popular banks in the sub-Saharan Africa (SSA) region. The researchers said that signatures of the Silence hacker group were observed in these attacks. The attackers reportedly deployed malicious code on the bank’s network to run malicious commands on hosts and allegedly used the access to orchestrate fund withdrawals from the bank’s ATMs.
In another instance, the research firm Group-IB discovered that the same group of hackers had breached multiple banks in more than 25 countries worldwide, including Bangladesh, India, Sri Lanka, and Kyrgyzstan. The worst hit of them was the Dutch Bangla Bank, where the attackers apparently scooped out more than US$3 million in an ATM cash-out attack in May 2019.