Plug-ins for Shops Handling Przelewy24 with Critical Security Gaps

What can be worse than a leaky plug-in? Perhaps many leaky plug-ins from a single supplier, installed in several places and responsible for handling financial transactions.

Watch out for a cunning attack on Polish Internet users

Recently, we had a chance to help a user who received a suspicious message. Unlike thousands of other Internet users, instead of clicking links indiscriminately, he followed his hunch and called us. It turned out that he had experienced an unknown type of attack.

Multiple bank accounts robbed by thieves using an innovative service of a mobile phone operator

In June and July of 2015, thieves stole several hundred thousand zlotys (at least 100k EUR) from the accounts of bank customers. The affected customers had one thing in common – they had a phone in the Play network (a Polish mobile operator) and received a series of text messages with codes to authorize transfers they had not ordered.

Technical analysis of recent attacks against Polish banks

It has been three weeks since the first information about successful attacks on Polish banks reached our ears. It’s time to put together the technical description of how the attacks were performed.

Several Polish banks hacked, information stolen by unknown attackers

Polish banks are frantically scanning their workstations and servers and checking logs in search of signs of infection after some of them noticed unusual network activity and unauthorised files on key machines within their networks. This is – by far – the most serious information security incident we have seen in Poland.

Errors, threats and extortion – history of a bank hack part three

This is the epilogue in the Polish bank heist story, where one of the hackers gets caught by the police.

The Polish police never ceases to surprise. Another administrator of ToRepublic forum was detained by the police. This time it was Polsilver, who six months ago stole money from Plus Bank.

Errors, threats and extortion – history of a bank hack part two

In this episode of the Polish bank heist we describe the actions taken by criminals after the bank they hacked refused to pay the ransom they requested.

The ultimatum presented to Plus Bank, robbed by criminals, has expired. The burglar, who apparently has not received the ransom, has published the data of hundreds of business accounts of Plus Bank customers.

Errors, threats and extortion – history of a bank hack part one

A few months ago a Polish bank fell victim to a serious hacker attack, and its customers’ money, passwords and personal information were stolen. In this series, we reconstruct the gradual disclosure of information on this subject.

The evidence we have received shows that a mysterious attacker had full access to the main webserver of a Polish bank for several weeks. That enabled him to make unauthorized transfers and collect personal information of customers, as well as their cards and account history. The attacker claims to have stolen a total of approx. PLN 1 million from multiple accounts, and the bank allegedly was in the dark for several weeks.