A security company has uncovered a target on a number of firms outside of the finance sector, employing the financial malware Citadel, a more complex version of Zeus. The discovery was made through APT (advanced persistent threat) attacks.
IBM Trusteer identified the plan, which was designed to attack Middle Eastern petrochemical firms.
In a blog post, the firm’s enterprise research director, Dana Tamir, explained why Citadel’s abilities would attract APT actors. Citadel, found in 2012, was originally designed to steal banking detail. The malware grew in capabilities, however, and now possesses features that enable access over a longer period of time, wrote Tamir.
Tamir commented in the post:
“While the use of advanced malware that was originally built for financial theft as a generic advanced persistent threat (APT) tool is not new, this is the first time we’ve seen Citadel used to target nonfinancial organizations in a targeted/APT-style attack in order to potentially access corporate data, steal intellectual property or gain access to secured corporate resources.”
Tamir told SCMagazine.com that the firm was unable to confirm delivery methods of the malware, but that where financial malware is employed for APT, mass distribution would be effective for attackers.
When financial malware such as Citadel is employed cross-sector, it is dangerous territory for all professional sectors. In today’s high-tech environment, business owners need to be as aggressive as the attackers by ensuring that their data is being protected. By opening up cyber security jobs, they are taking a significant step towards that.
Send us your CV and have our recruiters match you to the ideal opportunities
Do you already have an account with us?
Log inWant to have an account with us?
RegisterWant to just send us your CV?
By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.