Financial information is always prone to targeted attacks which use legitimate software to avoid detection. The attack is carried out internally with no visible files in the hardware but they are hidden in the memory. Hence it is almost impossible to detect the malware and discover the fraud. The attackers sneak into the system to steal all the information they require and later erase their tracks. The forensic investigators find no evidence to work with.
According to statistics, these attacks hit around 140 enterprises to access financial process within the system. The victims are mostly from USA, France, Ecuador, Kenya, the UK and Russia.
A significant malware attack in the recent times was during January 2016, the Trojan.Odinaff effect which was specifically launched to target financial organisations which provide services in banking, trade, payroll etc. The amount of money stolen could go upto millions of dollars. This new wave of attack also carried some specifically designed infrastructure from the previous Carbanak attacks. The companies dealing with security often don’t realise it until its too late and millions are lost to hackers.
“The determination of attackers to hide their activity and make detection and incident response increasingly difficult explains the latest trend of anti-forensic techniques and memory-based malware,” says Sergey Golovanov, principal security researcher at Kaspersky Lab.
References:
https://www.symantec.com/connect/blogs/odinaff-new-trojan-used-high-level-financial-attacks