A Russian cybercriminal group, Silence APT, has launched a hostile campaign against banks in more than 30 countries worldwide.

Active since September 2016, the group's most recent successful campaign was against Bangladesh-based Dutch-Bangla Bank, which lost over $3 million during a spate of ATM cash withdrawals over the last several days.

A new report reveals that the hacking group has considerably expanded its geographic reach in the last several months and increased the frequency of its attack campaigns.

The report also describes the evolution of the Silence hacking group from young and extremely driven hackers into one of the most sophisticated advanced persistent threat (APT) groups, one that is now threatening banks worldwide.

The hacking group has updated its unique TTPs (tactics, techniques, and procedures) and altered its encryption alphabets, string encryption, and commands for the bot and the main module to avoid detection by security tools.

“In addition, the actor has completely rewritten TrueBot loader, the first-stage module, on which the success of the group’s entire attack depends. The hackers also started using Ivoke, a fileless loader, and EDA agent, both written in PowerShell,” the researchers said.

“These campaigns were no longer focused just on Russia and former Soviet countries but spread across Asia and Europe. Since our last public report, Silence has sent out more than 170,000 recon emails to banks in Russia, the former Soviet Union, Asia, and Europe,” the report reads.

“In November 2018, Silence tried their hand at targeting the Asian market for the first time in their history. In total, Silence sent out about 80,000 emails, with more than half of them targeting Taiwan, Malaysia, and South Korea.”
