Hackers Use Compromised Banks as Starting Points for Phishing Attacks
A new report by Group-IB indicates that cyber attacks on financial institutions can create a domino-effect when threat actors use their foothold on a breached network to infiltrate the systems of connected organizations in other parts of the world.
Group-IB has seen various real world instances of these kinds of chain attacks. One of the most straightforward ways in which threat actors have used their access to a compromised organization in order to go after a similar target, is by sending phishing emails from one target to another. This technique was used in one real world chain attack that enabled threat actors to compromise banks in Kazakhstan and Georgia after they had broken into the network of a Russian bank.