Hackers switched to combined cyber attacks on the Russian financial sector

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

Experts began to note the particular interest of cybercriminals in the Russian banking sector as early as mid-summer 2021. In July, the Bank of Russia reported about the risks of “infecting” financial institutions through members of their ecosystems.

In August, FinCERT noted a series of large-scale DDoS attacks on at least 12 major Russian banks, processing companies and Internet service providers. The requests came from the USA, Latin America and Asia.

In early September, the Russian financial sector was attacked again. So, large banks and telecom operators that provide them with communication services were attacked.

Since August 9, the Russian Cyber Threat Monitoring Center (SOC) of the international service provider Orange Business Services has recorded a big increase in the number of requests. Attackers combine not only well-known attacks such as TCP SYN, DNS Amplification, UDP Flood and HTTPS Flood, but also only recently discovered ones, for example, DTLS Amplification.

In total, more than 150 attacks were recorded during the month, from August 9 to September 9, 2021. At the same time, their intensity is constantly increasing. Criminals are constantly trying to increase the power of attacks in the hope that telecom providers will not be able to clean up traffic in such large volumes.

In addition, the attackers used large international botnets. So, SOC Orange Business Services identified one of the networks based in Vietnam and South America, with more than 60 thousand unique IP addresses, and which was used to organize attacks like HTTPS Flood on the 3D Secure payment verification service.

The attackers also used the HTTPS Flood attack to make it impossible to use the banks’ application, in this case, the attack was carried out from the IP addresses of Russia, Ukraine and France.

“Based on how persistently and ingeniously cybercrim

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: Hackers switched to combined cyber attacks on the Russian financial sector