Express Computer

Seqrite flags new wave of Adwind Java RAT campaign targeting Indian Co-operative Banks


Seqrite – a specialist provider of cybersecurity products and services – has detected a new wave of the Adwind Java Remote Access Trojan (RAT) campaign targeting Indian co-operative banks, using COVID-19 as bait. Researchers at Seqrite warned that if the attackers are successful, they can take over the victim’s device to steal sensitive data such as SWIFT logins and customer details, and move laterally to launch large-scale cyberattacks and financial frauds. Seqrite is successfully detecting and blocking any such attempts using its patented Signatureless and Signature-based detection technology.

What is the attack methodology?

According to the researchers at Seqrite, the Java RAT campaign starts with a spear-phishing email that claims to have originated from either the Reserve Bank of India or a nationalized bank. The content of the email refers to COVID-19 guidelines or a financial transaction, with detailed information in an attachment, which is a zip file containing JAR-based malware.

Upon further investigation, researchers at Seqrite found that the JAR-based malware is a Remote Access Trojan that can run on any machine that has a Java runtime enabled, and hence it can impact a variety of endpoints irrespective of their base operating system. Once the RAT is installed, the attacker can take over the victim’s device, send commands from a remote machine, and spread laterally in the network. In addition, this malware can also log keystrokes, capture screenshots, download additional payloads, and extract sensitive user information.
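The delivery chain described above (a zip attachment carrying a JAR) can be screened for during mail filtering or triage. The following Python code is an added example, not code from Seqrite or the original article; the function names, size and depth limits, and the sample archive are assumptions constructed for illustration. It flags Java payloads by content as well as by extension, so a JAR renamed to another extension or nested in a second zip is still reported.

```python
import io
import zipfile

CLASS_MAGIC = b"\xca\xfe\xba\xbe"   # first bytes of a compiled Java .class file
MAX_DEPTH = 3                        # assumed limit on nested-archive recursion
MAX_MEMBER = 20 * 1024 * 1024        # assumed limit: skip members that claim to be huge

def looks_like_jar(data):
    """True if data is a ZIP holding a manifest or .class entries."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = [n.lower() for n in zf.namelist()]
    return "meta-inf/manifest.mf" in names or any(n.endswith(".class") for n in names)

def find_java_payloads(data, prefix="", depth=0):
    """Return (path, reason) for every Java payload found inside a ZIP attachment."""
    hits = []
    if depth > MAX_DEPTH or not zipfile.is_zipfile(io.BytesIO(data)):
        return hits
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER:
                continue
            path = prefix + info.filename
            body = zf.read(info)
            if body.startswith(CLASS_MAGIC):
                hits.append((path, "class-file"))
            elif looks_like_jar(body):
                hits.append((path, "jar-by-content"))
            elif info.filename.lower().endswith(".jar"):
                hits.append((path, "jar-by-extension"))
            elif zipfile.is_zipfile(io.BytesIO(body)):
                hits += find_java_payloads(body, path + "!/", depth + 1)
    return hits

def make_zip(members):
    """Build a ZIP in memory from {name: bytes} (used for the constructed samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed sample: harmless stand-ins, no real malware involved.
fake_jar = make_zip({"META-INF/MANIFEST.MF": b"Manifest-Version: 1.0\n",
                     "Main.class": CLASS_MAGIC + b"\x00" * 8})
attachment = make_zip({"sample.jar": fake_jar, "readme.txt": b"see attached",
                       "inner.zip": make_zip({"statement.dat": fake_jar})})
print(find_java_payloads(attachment))
```

Password-protected members make `zf.read` raise `RuntimeError`; such attachments cannot be inspected this way and need separate handling.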

What is at stake?

Such attack campaigns can effectively jeopardize the privacy and security of sensitive data at the co-operative banks and result in large-scale attacks and financial frauds. Here are the different ways in which attackers can affect the banks:

Steal Sensitive Data

A cyberattack on a bank can lead to the theft of all customer data and important financial infrastructure details. This data leak helps the attacker plan the next phase of the attack, including targeted attacks.

Financial Frauds

Backdoors often lead to the theft of credentials for important financial infrastructure, such as SWIFT logins. This can lead to big financial losses for banks. We have previously seen incidents where banks had to face large financial losses due to such attacks.

Larger Attacks

During the last few years, there have been a few drawn-out, long-duration cyberattacks on banks resulting in huge financial impact. Such attacks usually start with an initial infection that gives cybercriminals access to resources within the network, and spread laterally to the rest of the network until the attacker gains access to sensitive or confidential information. The possibility of this Java RAT-based campaign being one such starting point should not be discounted.

The timely detection and blocking of such attack campaigns is, therefore, essential for maintaining the integrity of, and trust in, banking institutions. Seqrite recommends that users exercise ample caution and avoid opening attachments and clicking on web links in unsolicited emails. Banks should also keep their operating systems updated and have a full-fledged security solution installed on all devices.
