Banking Malware Attack Spotted in Poland, KNF’s Entire System Down

Prosecutors and other state security officials in Poland are investigating a hack, unprecedented in size, after discovering that workstations of some banks were hosting malicious software that infected various banking systems, according to Polish media.

The news comes a few days in a cyber-attack believed to be “from another country” and the first ever to result in a service outage, according to a KNF spokesman.

Experts believe that the issue seems to have been traced back to the web server of the Polish regulator’s website where a modified JavaScript file allowed visitors to load an external JS file which then executed malicious payloads on selected targets.

According to local media, some financial institutions had seen unusual network traffic and found encrypted executables on several servers. The details were rapidly shared between the group of roughly 20 commercial banks in the country and other banks started reporting the same issues.

The Polish authorities confirmed that customer money was untouched and that no operations have been affected so far. However, they said that the whole situation is still under investigation, so things may change in the days to come as more information comes to light.

A little more than a year ago, a government department that deals with cyber security confirmed that a few Polish commercial banks had been victims of a malware infection. The source of the executables, however, was the one entity they didn’t expect it from – the KNF.

At the time, the investigation suggested that the starting point for the infection could be the server of the Polish financial regulatory body. Overall, it is ironic that the website of the key institution responsible for assuring security in the financial sector was used to attack it.

 

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *