Researchers have connected the Evilnum hacking group to cyberattacks against fintech firms. The group's preference for financial technology targets has been examined, whereas its techniques, tools, and potential links to other cyberattacks have been little explored.
Researchers from ESET have been tracking and investigating the APT for quite a while and recently published their analysis of the threat group.
The team states that Evilnum has focused on targets located in the United Kingdom and Europe, but some of the affected victims have been located in Canada and Australia.
The group's attacks aim at infiltrating corporate networks, stealing valuable fintech data and information, and grabbing access credentials to be used for fraudulent purchases or sold in bulk to other criminals. This intention is similar to that of several other cyber attackers specializing in financial solution provider targets.
Evilnum's initial attack vector is a common one: approaching the target victim with spear phishing emails. Standard phishing emails are generally used in 'spray and pray' tactics, whereas these spear phishing messages appear to use social engineering and to contain data and information that make them appear genuine to account managers and technical support representatives.
These emails contain a link to a .zip file hosted on Google Drive. Once the archive is extracted, malicious .LNK files lead to decoy documents that appear to be files related to KYC (Know Your Customer) data, such as copies of bills and driving licenses bearing proof of address, infiltrating the privacy and authentication of these firms and solutions.
These documents then go on to execute an array of malicious components for compromising corporate networks.
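For defenders triaging archives like the one described above, the following added example (not code from ESET or from this article) flags Windows shortcut files inside a ZIP by their Shell Link header as well as by extension, so a shortcut given a document-style name is still caught. The member names and the header-only stub files are constructed for the demonstration.

```python
import io
import struct
import zipfile

# Shell Link (.LNK) header: HeaderSize 0x4C followed by the LinkCLSID
# 00021401-0000-0000-C000-000000000046 in its on-disk byte order.
LNK_MAGIC = struct.pack("<I", 0x4C) + bytes.fromhex("0114020000000000c000000000000046")

def find_shortcuts(zip_bytes):
    """Return sorted (member name, reason) pairs for shortcut files in a ZIP."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(len(LNK_MAGIC))
            if head == LNK_MAGIC:
                # Content check still matches when the name is not *.lnk.
                hits.append((info.filename, "lnk-header"))
            elif info.filename.lower().endswith(".lnk"):
                hits.append((info.filename, "lnk-extension-only"))
    return sorted(hits)

def build_sample_zip():
    """Constructed sample: inert header-only stubs, no real shortcut data."""
    stub = LNK_MAGIC + b"\x00" * 56  # pads to the 76-byte header size
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("utility_bill.jpg.lnk", stub)
        zf.writestr("driving_license.pdf", stub)  # shortcut content, document name
        zf.writestr("notes.txt", b"plain text")
        zf.writestr("empty.lnk", b"")             # extension only, no header
    return buf.getvalue()

if __name__ == "__main__":
    for name, reason in find_shortcuts(build_sample_zip()):
        print(f"{reason:20} {name}")
```

A mail or web gateway can apply the same check to downloaded archives and quarantine any that contain shortcut files, since legitimate KYC submissions have no reason to include them.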
Chandrima Samanta, Content-Editor, FintecBuzz
Chandrima is a content management executive with a flair for creating high-quality content irrespective of genre. She believes in crafting stories irrespective of genre and bringing them to a creative form. Prior to working for Hrtech Cube she was a Business Analyst with Capgemini.