The hacking campaigns were against financial, manufacturing, and retail businesses across the United States and Europe, says Cybereason.
Cybereason, a cybersecurity technology company and creator of the leading Cyber Defense Platform, has released an investigative research report “looking at a new series of hacking campaigns against financial, manufacturing, and retail businesses across the United States and Europe,” according to a statement released on Wednesday.
The Israeli experts are said to have discovered new computer viruses that were used to steal credit card details from retail stores and financial institutions. The methods used, says Cybereason, would indicate that the campaigns were carried out by an organized group that specializes in the theft of financial information.
“The gravity and danger that lies in commodity malware infections have the potential of escalating into a hacking operation with a disastrous outcome, whether it be a ransomware infection or theft of sensitive financial data,” said Assaf Dahan, Cybereason’s senior director in charge of threat research.
“While previous operations focused on causing ransomware infections by compromising critical assets like the domain controller, this new operation targets Point-of-Sale (PoS) systems,” said the statement, meaning that the theft was usually carried out at the point of purchase in retail stores, using the credit card-scanning devices themselves.
One of the critical points, says the company, is that “many of the payloads in the attacks are signed binaries, which demonstrates the ever-growing trend of signed threats that abuse the trust of certificate authorities to bypass detection.”
On the other hand, the company touts that it “gives the advantage back to the defender through a completely new approach to cybersecurity.”
Cybereason explains that it “offers endpoint prevention, detection and response, and active monitoring. The solution delivers multi-layered endpoint prevention by leveraging signature and signatureless techniques to prevent known and unknown threats in conjunction with behavioral and deception techniques to prevent ransomware and file-less attacks.”
“It is a rare achievement to discover a network that operated for six months without getting caught. The ability to recreate their steps and purge their activities is no trivial matter; it is definitely a medal of honor for the Israeli cyber defense field,” said Dahan, in a comment reported in The Jerusalem Post.