Russian Cyber Espionage Group Planning to Hit Banks
“APT28, the notorious cyber espionage group that is believed to be sponsored by the Russian government, is planning to attack various financial institutions from across the world, according to a report published on Tuesday by cybersecurity services and training provider root9B.
APT28 has been around since at least 2007. The threat actor, analyzed by several security firms over the past months, is known under various names, including Pawn Storm, Sednit, Fancy Bear, Tsar Team, and Sofacy. A report published by FireEye in October 2014 showed a direct link between the advanced persistent threat (APT) group and Russia.
FireEye noted in that report that APT28 had not been seen trying to steal and profit from financial account information. However, root9B says it has uncovered plans by the threat group to target international financial institutions.
The list of organizations that appear to be targeted by the attackers includes Bank of America, TD Canada Trust, Regions Bank, the United Nations Children’s Fund, United Bank for Africa, Commercial Bank International (CBI) in the United Arab Emirates, and possibly Germany-based Commerzbank.”