Several banks in Poland have been affected in a hack that could be seen as the largest in the country's history and financial sector.
Over the past week, security teams at several banks have discovered malicious executables on the work stations of several banks. Whats surprising is that the malware seem to originate from their own financial regulator server, the Polish Financial Supervision Authority (KNF) which is meant to ensure the safety and security of financial systems in Poland.
Also Read: Hacker who hacked the "Hacking Team" arrested by the police
According to BadCyber, an unknown hacker had compromised the KNF's website and modified one of the site's JavaScript files, making those visitors to the regulators site to automatically load the JavaScript file. Once download and executed, the malware connects to some foreign servers to perform various malicious tasks such as reconnaissance, post exploitation and data ex-filtration.
Banks affected by this hack discovered that the encrypted executable files running on their servers made their servers to send usual traffic to strange IP addresses in foreign countries. Some of the banks even had their servers totally hijacked by the criminals.
Also Read: How to send a mail anonymously without revealing your email address and identity
The KNF and the Polish government says that no record of money loss during the hack. They confirmed that there were ongoing investigations into the attack.