“The way they may also put it to use, i think, is by way of a few forex market and through offering it”.
The group, which security researchers from Kaspersky Lab and Symantec call Wild Neutron or Morpho, has broken into the networks of over 45 large companies since 2012.
FIN4 has less technical skill but uses knowledge of the investment banking world and strong social engineering, or trickery, to harvest email credentials and discover material financial information. Morpho frequently uses the “watering hole” technique, infecting websites which are likely to attract their target victim.
The hacker group, which has been dormant for a few months now, was involved in hacking companies of Silicon Valley in 2013.
Initially, it was thought that China was behind these attacks, but as it turns out, Apple stated that no data was stolen from these breaches.
Symantec warns in a report published yesterday (July 8) that a new group of criminal hackers – dubbed the “Morpho” group – is driven by quick financial gains, attacking multibillion-dollar companies such as Twitter, Facebook, Apple and Microsoft, which have all publicly acknowledged the attacks.
After the 2013 attacks against Twitter, Facebook, Apple and Microsoft were highly publicized, the group went underground and temporarily halted its activity.
Symantec caught a break in their research on Morpho when a regular backup was made of a machine the group had infected during a 12-hour window when some of the custom-made navigation tools were still running.
A corporate espionage group has compromised a string of major corporations over the past three years in order to steal confidential information and intellectual property.
Between 2012 and 2015, the primary industries targeted by Morpho were the technology, legal, pharmaceutical and commodities sectors, with the most recent attack seen against the Central Asian offices of an unnamed “global law firm” hit in June. According to the company, the gang’s activities appear to be financially motivated, as opposed to actions by a state-sponsored attack group, though Morpho is “technically proficient and well resourced”, the firm pointed out. The Federal Bureau of Investigation declined to comment when asked by Reuters, while all the tech companies also declined to discuss the research or any implications. The attackers then use additional custom hacking tools to move laterally through the network and compromise additional computers, servers and other devices. They are focused on stealing high-level, sensitive corporative information. The group has also referenced popular English-language memes, such as “All Your Base Are Belong to Us”, indicating that at least some members are fluent English speakers with a deep understanding of the cultures of the countries they target.