Programmers announce that they have hijacked the database of Lithuanian banking software developers
On Saturday, one of the Internet forums frequented by programmers published a report that the database of Lithuanian banking software developers “BankingLab” (formerly UAB “Baltic Amber Solutions”) was stolen and distributed.
BankingLab is a three-party platform that provides virtual currency exchange and banking services for fiat currency transactions. Clients include Simplex, Vialet, etc. “We recently gained full access to BankingLab’s server and accessed all customer data, including each customer’s user transaction flow, identity information,” the message reads.
The software also shares data from Bankinglab’s internal password management system, Pam360, and a master key that includes the SSH key for internal services, various system and server passwords, and more.
“Enjoy!”, the hackers finish the message.
According to Cybernews cyber security expert Mantas Sasnauskas, this could be one of the biggest – if not the biggest – cybercrime in Lithuania, and it will have significantly greater consequences than CityBee’s data theft. He points out that if hackers are already sharing their loot publicly and for free, it means that they will have already squeezed out the maximum benefit.
According to an IT specialist, the US Critical Infrastructure Agency had been reporting these types of attacks for several weeks – and what has now happened is business/supply chains. supply chain) attack.
BankingLab used Pam360, a business data access manager that allows the company to grant access, authorizations, force changes or create new passwords, and more to its customers – other companies. Other large companies also use this driver – I think Amazon, NHS and the like,” says M. Sasnauskas. And in this driver, a critical error was detected, the dangerousness of which was rated by experts as 9.8 on a ten-point system.
According to a Cybernews expert, exploiting this vulnerability allows a hacker to become an administrator of that entire system and remotely launch their own programs.
“What most likely happened in the case of BankingLab,” summarizes M. Sasnauskas. – By the way, experts had sent advice on how to avoid such an attack, but it is not known whether BankingLab received those advices and made some decisions, or not. The bottom line is that this loophole was most likely used to get the first access to their systems. And since BankingLab has a lot fintech customers in Lithuania (and possibly outside it), all those customers are potential victims – Perlas Finance, Simplex and all others. It must be assumed that they were all “broken”.
M. Sasnauskas says that all agencies should already be notified about the hacking – the State Data Protection Inspectorate, the Bank of Lithuania (because the latter oversees transactions and issues licenses). According to the expert, BankingLab customers knew about the crime already over the weekend.
He also points out that during the night from Saturday to Sunday, the 80 GB Perlas Finance database, which stores customer bank accounts and transactions, was already leaked.
For the portal lrytas.lt BankingLab has not yet been contacted.
Information is being filled.
Tags: biggest computer crime history Lithuania electronic banking sector affected
-
