Experts from Kaspersky Lab have identified a series of hacker attacks aimed at telecommunications and financial companies in Eastern Europe and Central Asia. As part of this campaign, attackers tried to seize funds and financial data from victims. The report states that hackers tried to withdraw tens of millions of dollars from the accounts of the attacked companies.
In each of the recorded cases, hackers used one technique, exploiting a vulnerability in corporate VPN solutions that were used in the attacked companies. The attackers used the CVE-2019-11510 vulnerability, tools for exploiting which can be found on the Internet. The vulnerability makes it possible to obtain data about the accounts of corporate network administrators, which can give access to valuable information.
The report states that cyber groups did not exploit this vulnerability. Kaspersky Lab experts believe that Russian-speaking hackers are behind a series of attacks on financial and telecommunications companies. They came to this conclusion after analyzing the attackersβ technology used to carry out attacks.
βDespite the fact that the vulnerability was discovered in the spring of 2019, many companies have not yet installed the necessary update. Given the availability of the exploit, such attacks could become widespread. Therefore, we strongly recommend that companies install the latest versions of the VPN solutions they use,β said Sergey Golovanov, leading antivirus expert at Kaspersky Lab.
Source: 3dnews.ru