IBM have revealed that they have uncovered a sophisticated cyber attack, with links to organised crime in Eastern Europe, that is currently preying on unsuspecting organisations.
The attack, known as ‘The Dyre Wolf,’ is targeting enterprise organisations and has “successfully stolen more than US$1 million,” from the organisations it targets.
The attack uses “numerous sophisticated techniques” to target organisational bank transfers rather than individual accounts and has been responsible for sizeable losses.
“In recent incidents, organisations have lost between US$500,000 and US$1.5 million to attackers,” John Kuhn, senior threat researcher at IBM Managed Security Services, wrote on their website.
The attack has been linked with organised crime in Eastern Europe and Kuhn believes this shows the true scope of cyber attacks and the increasing threat they pose.
“An experienced and resource-backed cybercrime gang operates Dyre.
“It was used in wide-stroke attacks for the past year and has now moved into a more brazen stage of attacking corporate accounts via the incorporation of skilled social engineering schemes.
“What does this mean? As we continue to see, cybercriminals grow in resourcefulness and productivity at alarming rates. They are sharing expertise on a global scale via the ‘Deep Web’ and launching carefully planned, long-term attacks to attain the highest return on investment.”
Kuhn also noted that the attack shows no signs of stopping as the criminals continue to evolve their offering.
“In this campaign, the attackers are several steps ahead of everyone.
“Even while casting a wide net to reel in victims via spear-phishing campaigns, these attackers are targeting organisations that frequently conduct wire transfers with large sums of money.
“While there’s no easy way to know which companies do large wire transfers, it’s a very interesting coincidence. It’s also important to note that the majority of antivirus tools frequently used as an organisation’s first line of defence did not detect this malware.”