Israeli team discovers viruses to nab credit card information

Acting undetected for six months, the hackers are estimated to have stolen tens of millions of dollars.

A man holds a laptop computer as cyber code is projected on him (photo credit: KACPER PEMPEL/REUTERS)
New computer viruses have been discovered which were used to steal credit card details from retail stores and financial institutions in the US and Europe, with the methods used implying that it was done by an organized group specializing in the theft of financial information.
The theft was usually done at the point of purchase in retail stores, using the devices which scan the cards themselves. Additionally, the information banks of financial institutions, which use credit cards as a part of their work, were attacked as well.
This type of attack belongs to something called “Anchor,” which at first uses known hacking tools, of the kind used by security experts, to spread the harmful software laterally across the attacked network. After the attackers have made sure that they’ve reached a high-profile target, they take things a step further and use unique programs.
According to the methods by which these attacks were conducted, it is thought that “FIN6” is responsible. It is an organization known for attacking cash registers and financial institutions, and has been linked to similar incidents in the past.
FIN6’s “activities were beginning to be revealed in October, after we managed to stop a cyberattack on our customers before they could reach financial data,” said Asaf Dahan, head of the research team at Cybereason, the organization which led the investigation.
“After a strenuous investigation, we managed to backtrack through the hackers’ activities and found that they’ve been spreading these viruses since August 2018 uninterrupted. We know that the attackers tried to get to sensitive financial information of different countries across the US and Europe,” he said. “By our estimation, millions were stolen from very large companies.”
“It is a rare achievement to discover a network that operated for six months without getting caught. The ability to recreate their steps and purge their activities is no trivial matter; it is definitely a medal of honor for the Israeli cyber defense field.”
FIN6 is known to use various types of viruses to get access to computers and attempt to steal information from them. While a lot of these attempts never result in actual attacks, once such a virus has spread, the infected computer is at their mercy, and they may use it to plant ransomware or steal other information.
Cybereason was formed in 2012 and specializes in collecting information from the various computer devices in a given organization and analyzing it, which allows it to recognize any sinister programs and stop them before they can cause any real harm.
Other sources of cyberattacks upon Israel are those that come from Iran, which, according to Prime Minister Benjamin Netanyahu, attempts daily attacks on the Jewish state through various targets such as airlines.