A team of sophisticated hackers with insider trading ambitions has been targeting executives at over 100 organisations for over a year. While their hacking techniques aren't all that sophisticated, they appear to have a deep understanding of the investment banking industry.
The hacks themselves are surprisingly simple. FireEye, the security research company that uncovered the ring, says that the attackers are sending official-looking emails to top-level executives that send the victim to a login page, where they unwittingly give up their login credentials. This isn't a run-of-the-mill phishing operation though. The emails are hand-tailored, written in perfect English, and full of financial jargon. In some cases, the hackers broke into the companies' servers ahead of time and downloaded confidential documents that they could attach to the emails to make them look more legit. The end goal is to gain access to any given executive's email so that the hackers can glean insider knowledge about the companies that might give them an edge in the stock market.
FireEye's calling this new group of hackers Fin4 due to their focus on the financial sector. The firm also believes that the hackers are based in North America and probably have a background in investment banking. The hackers also cover their tracks by hawking their inboxes and filtering out any hacking-related emails. They're not screwing around, either. None of the targeted companies were named specifically in the report, but all but three of the 100-plus companies targeted are listed on the New York Stock Exchange or Nasdaq.
These are hardly the first hackers to target the stock market, but their approach is certainly unique. In general, attacks on the financial sector are on the rise which should not be a surprise since Wall Street seems pretty vulnerable to an attack. Of course, any industry could fall victim to irresponsible email habits. [NYT]