According to reports a new version of the malicious Carbanak malware, christened Anunak – is attacking financial institutions around the world. Kaspersky Lab reported in February that a sustained attack resulted in a $1 billion haul for the orchestrators of the original program. Itwire.com is reporting that a U.S. casino has been infected with the goal of compromising Point of Sale (PoS) servers that are used in processing payments. The report states without naming the casino that the threat is a new application and use for the malware that could threaten other PoS environments. In the past year Hard Rock Hotel & Casino Las Vegas, Trump Hotels, Las Vegas Sands, and FireKeepers Casino and Hotel located in Battle Creek, Michigan have reportedly been under attack from various entities.
Attackers gain access to systems via phishing or infected Word documents and then perform a manual search within the network to find a point of interest depending on their goal. Once in they can steal money from the infected party.
In some cases during the original attacks the criminals were able to inflate account balances before transferring funds in a fraudulent transaction. Simply adding a zero to a $1,000 balance would give them $10,000 to work with, transferring $9,000 and leaving the account holder none the wiser with their original $1,000 balance intact. They also took control of ATMs, and ordered them to dispense cash at certain times – an accomplice would be waiting at the dispenser to take the cash.
“These bank heists were surprising because it made no difference to the criminals what software the banks were using. So, even if its software is unique, a bank cannot get complacent. The attackers didn’t even need to hack into the banks’ services: once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery,” said Sergey Golovanov, Principal Security Researcher at Kaspersky Lab’s Global Research and Analysis Team.
The new attacks from Anunak are mostly being seen in the US but Asia, Russia, Europe, and the United Arab Emirates are also being hit.