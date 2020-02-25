Australia's banks targeted by 'DoS for ransom' threat

Attackers claim affiliation with hacking group Silence.

Australian banks are being targeted by a group threatening to launch denial-of-service attacks unless a ransom is paid, the Australian Cyber Security Centre says.

The campaign is being waged by attackers claiming to be from Silence, a Russian-speaking advanced persistent threat (APT) group that typically targets banks and financial institutions.

The ACSC said it had been “unable to verify” the claims of affiliation.

The centre did suggest, however, that multiple threats had been recently received.

“The ACSC is aware of a number of DoS for ransom threats being made against Australian organisations, primarily in the banking and finance sector,” it said on Tuesday evening.

“The threats in question are delivered via email, and threaten the recipient with a sustained DoS attack unless a sum of the Monero cryptocurrency is paid.”

The centre said it had so far received “no reports of the threats eventuating in DoS”.

In addition, it said it is “aware of a number of DoS threats made in the past against Australian organisations that did not eventuate.”

Silence has been extensively researched by the Singaporean cybersecurity firm Group-IB, which said in August last year that the group had “significantly expanded their geography and increased the frequency of their attacks”.

Silence initially targeted “post-Soviet states and neighbouring countries”, according to Group-IB, with Asia appearing to be particularly attractive.

The group used phishing emails to infect victims, but also used email campaigns to test the validity of email addresses and to “get information about the cybersecurity solutions used by a targeted company all the while remaining undetected,” Group-IB said.

