Nation-State Moneymule's Hunting Season - APT Attacks Targeting Financial Institutions

Black Hat via YouTube

Overview

Explore a comprehensive analysis of four recent APT campaigns targeting financial institutions in this 55-minute Black Hat conference talk. Delve into the intricate details of attacks on South Korean and EMEA banks, an ATM company, and Bitcoin exchange service providers. Gain insights into the malware, vulnerabilities, indicators of compromise (IOCs), and attack vectors employed by nation-state actors. Examine the Bluenoroff group's assault on a major Korean bank, the breach of an ATM operator company, and the hacking campaign against Bitcoin exchanges. Investigate a unique attack on an Egyptian bank and discover how threat actors utilize various delivery methods and decoys. Learn about the attackers' use of open directory browsing on command and control servers, their acquisition of new C&C infrastructure through Bitcoin, and their deployment of Monero miners. Analyze sample timestamps to understand the Andariel Group's activities and conclude with key takeaways from this in-depth exploration of sophisticated financial cybercrime.

Syllabus

Intro
BACKGROUND - who are they?
BACKGROUND - Activity Timeline
KOREA MAJOR BANK ATTACK BY BLUENOROFF - Background
KOREA MAJOR BANK ATTACK BY BLUENOROFF - Attack Vector
KOREA MAJOR BANK ATTACK BY BLUENOROFF - Malware
VANXATM - ATM OPERATOR COMPANY BREACH
BITCOIN EXCHANGES HACKING CAMPAIGN
BITCOIN EXCHANGES HACKED - Phishing Email Attack Vector
BITCOIN EXCHANGES HACKED - Attack Timeline
INTERESTING ATTACK TARGETED BANK IN EGYPT - Background
Campaign targeted Egypt bank and SK banks - Delivery Method
Campaign targeted Egypt bank and SK banks - Interesting Decoys
Directory browsing open on C&C server
Getting new C&C server with (stolen? ransomed?) bitcoin
USING MONERO MINER
Sample Timestamp Analysis of Andariel Group (GMT+9)
BLACK HAT SOUND BYTES (CONCLUSION)

Taught by

Black Hat
