Last week, cyber security software provider McAfee released a statement warning that a form of malware known as Bankshot had been found within the Turkish financial system.
According to the statement, the Bankshot malware program was first found in 2017 and “is designed to persist on a victim’s network for further exploitation”, giving complete control of the compromised device to the hacker.
“The McAfee Advanced Threat Research team discovered that the cyber crime group Hidden Cobra continues to target cryptocurrency and financial organisations,” the statement said.
“We observed the return of Hidden Cobra’s Bankshot malware implant surfacing in the Turkish financial system. Based on the code similarity, the victim’s business sector and the presence of control server strings, this attack resembles previous attacks by Hidden Cobra conducted against the global financial network SWIFT.”
The software infects devices through a word document designed to look like “an agreement template for bitcoin distribution between an unknown individual in Paris and a to-be-determined cryptocurrency exchange”, the statement said.
