MoneyTaker, revealed after 1.5 years of silent operations.
Explore how this group managed to hide their traces while conducting 20+ attacks on banks and financial services companies in the USA, UK and Russia.
Discover in the report:
- Unique techniques to enter the network.
- TTPs and analysis of cybercriminal infrastructure.
- Predictions on new targets.
- Indicators of Compromise to monitor your network.
MoneyTaker uses publicly available tools, which makes the attribution and investigation process a non-trivial exercise. In addition, incidents occur in different regions worldwide and at least one of the US banks targeted had documents successfully exfiltrated from their networks, twice. Group-IB specialists expect new thefts in the near future, and in order to reduce this risk, Group-IB would like to contribute our report identifying hacker tools, techniques as well as indicators of compromise we attribute to MoneyTaker operations.
Head of Threat Intelligence Department, Co‑founder Group‑IB