Savvy Hackers Target Wall Street

Hackers are putting a new twist on the concept of insider trading. A cybercrime ring known as FIN4 is apparently stealing insider information and using it to manipulate stock prices on Wall Street.

FireEye, an advanced cyberattack prevention firm, just released an intelligence report that offers an in-depth analysis of how the financially-motivated cybercriminals are executing attacks against publicly-traded companies to play the stock market.

EUAdvanced threat actors conducting attacks to play the stock market to their advantage has long been a worry but never truly seen in action,EU said Dan McWhorter, Vice President of Threat Intelligence at FireEye. EUFIN4 is the first time we are seeing a group of very sophisticated attackers actually systematically acquire information that only has true value to a criminal when used in relation to the stock market.EU

Never-Before Seen

Entitled EUHacking the Street? FIN4 Likely Playing the Market,EU the report exposes the work of a team of native English speaking operators with deep knowledge of how the targeted industries work and the nuances of their financial practices.

FireEye has dubbed the group FIN4 and concluded the group has targeted about 100 publicly-traded companies -- or their advisory firms -- to collect information to gain a trading advantage on Wall Street.

The security firm said FIN4 is not like nation-state backed advanced persistent threat groups based in China and Eastern Europe. Rather, FIN4 executes its attacks in a way FireEye said it has never seen. Specifically, the group does not rely on malware, but depends heavily on highly-targeted social engineering tactics and deep subject-matter expertise to deliver weaponized versions of legitimate corporate files.

Industrial Espionage

This is not a new attack. Since at least mid-2013, FireEye has reported that FIN4 has made product development, M&A (mergers and acquisitions) strategies, legal issues, and purchasing processes of companies its target data points....

Comments are closed.