A Russian-speaking cybercriminal group named Silence is likely behind the brazen attack on Dutch-Bangla Bank’s ATMs in Bangladesh, said Group-IB, an international cyber security company.
In a report published in their website on July 3, the company said, “This is one of Silence’s most recent international attacks which, indicates that the gang has expanded its geography and has gone global, focusing now on APAC markets.”
The cyber attack on DBBL ATMs in Dhaka took place on May 31 and resulted in the theft of $3 million, according to Bangladeshi media.
But the company said the actual amount of money stolen could be much higher.
Investigators from Bangladesh earlier suspected the criminals were members of a North Korean hacker group named “Hidden Cobra”.
They claimed they had links to the “Lazarus Group”, the infamous gang involved in the 2016 Bangladesh Bank heist.
Group-IB reported that during the attack on DBBL, the cyber criminals likely used Trojan malware that allows remote commands to be executed covertly, including downloading of files from the compromised server.
“Once they gained access to the bank’s infrastructure, Silence went on to the next stage of the attack – money withdrawal. One of the instances was captured on CCTV from May 31, published by the local media,’’ the report reads.
The cybercriminal group Silence earned notoriety for their attack on bank management systems and card processing systems in different parts of the globe.
The gang mainly targets locations in Russia, Ukraine, Belarus, Azerbaijan, Poland, and Kazakhstan. They also sent phishing emails to bank employees in Central and Western Europe, Africa, and Asia.
“Having tested their tools and techniques in Russia, Silence has gained the confidence and skill necessary to be an international threat to banks and corporations. Asia in particular draws cybercriminals' attention. Dutch-Bangla Bank is not the first of Silence’s victim in the region. In total, we are aware of at least four targets Silence has attacked in Asia recently,” said Rustam Mirkasymov, Head of Dynamic Analysis of Malicious Code at Group-IB.
Six Ukrainian nationals were arrested on June 2 over the attack on DBBL. Another Ukrainian suspect escaped arrest.
Police said the Ukrainian nationals arrived Dhaka on May 30 and committed the crime the very next day.