Australian banking and financial institutions received extortion emails threatening distributed denial of service (DDoS) attacks against them. The extortionists demanded a ransom to be paid in the Monero (XMR) cryptocurrency. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of this extortion campaign and released threat advice to all Australian organizations.
The DDoS Scare for Australian Banks
The Silence Hacking Crew claimed responsibility for this threat campaign. However, the ACSC was not able to confirm these claims as of going to print. Silence is one of the most active Advanced Persistent Threat (APT) groups and is reportedly supported by Russian state sponsors. The crew specifically targets the financial sector because of the large quantity of customer PII that these organizations hold (which also makes them most vulnerable in case of a cyberattack) and their ability to pay larger ransom amounts.
The ACSC confirmed that although the ransom-driven DDoS (better known as RDoS) campaign has been running actively across the country, no successful DDoS attacks have been reported yet. It also recommended that being prepared for this type of cyberattack, before a DDoS attack starts, is the best immediate incident response strategy.
Silence Hackers Target Banks Around the Globe
Earlier, in January 2020, experts from Kaspersky discovered thousands of attack notifications on popular banks in the sub-Saharan Africa (SSA) region. The experts stated that signatures of the Silence hacker group had been observed in these attacks. The attackers reportedly deployed malicious code on the bank’s network to run malicious commands on hosts and allegedly used the access to orchestrate fund withdrawals from the bank’s ATMs.
In another instance, the research firm Group-IB discovered that the same group of hackers breached multiple banks in 25-plus countries globally, including Bangladesh, India, Sri Lanka, and Kyrgyzstan. The worst hit of them was the Dutch Bangla Bank, where the attackers evidently took more than US$3 million in an ATM cash-out attack in May 2019.