Russian ‘Silence’ bankrobber Trojan has been quietly, and persistently, stealing money direct from the banks themselves rather than targeting customers
The advanced persistent threat is ongoing, and the work of a Russian-speaking newcomers to the scene called the Silence group. The Silence Trojan itself is similar in many ways to the now infamous Carbanak threat that relieved banks of more than a billion dollars between 2013 and 2015. The similarity is not just in the ties to Russia, but also in the attack methodology applied.
According to Kaspersky Lab Silence looks to gain persistent access to internal banking networks over a lengthy period of time, during which day to day activity on the network can be monitored. The precise nature of each separate bank network infected is explored and the Trojan waits for the optimal moment to attack using the intelligence gained.
