Attacking from inside, cyber crooks rake in millions from banks

Kaspersky Lab researchers revealed that cyber-crooks stole tens of millions of dollars by hacking Eastern European banks through direct connections to local networks. At least eight banks, dubbed collectively as DarkVishnya, were targeted. Cyber-criminals pulled off the heists by first entering banks under the guise of couriers, job seekers, or something similar and left behind hidden devices, such as Bash Bunny, Raspberry Pi, inexpensive laptops, or netbooks. The second stage of the attack involved attackers remotely connecting to the rogue device left behind via a built-in or USB-connected GPRS/3G/LTE modem to scan the local network, harvest information, and brute-force login data. They got around firewalls by planting shellcodes with local TCP servers.