Last week, banks and other Australian financial institutions were targeted by a global hacking campaign that appears to have been active since October 2019. Specifically, this "hacking" campaign sent e-mail messages to potential victims, threatening them with DDoS attacks if they did not pay large ransoms in the Monero cryptocurrency.
According to the ACSC, the hackers did not carry out their threats, as no DDoS attacks were observed. This is because it was impossible for them to gather the DDoS resources required to attack all of their targets. In addition, the ACSC has issued some protection tips against this "hacking" campaign.
As ZDNet reported, the hackers initially targeted banks and other financial institutions, and then extended their threats to other industries. In particular, they targeted banks in Singapore and South Africa, telecommunications companies in Turkey, Internet service providers in South Africa, and online betting and gambling websites throughout Southeast Asia. The "hacking" campaign continued its threats of DDoS attacks, moving methodically against companies and targeting countries around the world.
In addition, the hackers behind this campaign often signed their threatening e-mail messages under different names. Initially, they used the name Fancy Bear, the name of the famous "hacking" group associated with the Russian government and known for the "hacking" of the White House in 2014 and the DNC in 2016. Later, they used Cozy Bear, the name of another well-known group associated with the Russian government, which was also known for its involvement in the "hacking" of the DNC in 2016. Other names they used were Anonymous, Carbanak and Emotet. All are names of well-known hacking and cybercrime operations. Those behind this campaign hope that victims will search for these names online after receiving the threats via e-mail. Google returns thousands of search results for these terms, and the hackers hope that this will lead potential victims to believe and fear the threat, and thus pay the ransom demanded.
Now, these hackers use the name Silence, which is associated with a group of "hackers" known for stealing millions of dollars from banks in Eastern Europe, South and Central Asia and more recently Sub-Saharan Africa.
Radware, which provides DDoS attack protection advice, advised victims who received messages demanding large Monero ransoms to avoid DDoS attacks NOT to pay, but to contact a cyber security company instead. Finally, the ACSC recommended that organizations prepare in advance for attacks so that they can respond more effectively, as it can be very difficult to respond once an attack begins.