Security News > 2021 > June > Russian hackers had months-long access to Denmark's central bank
Russian state hackers compromised Denmark's central bank and planted malware that gave them access to the network for more than half a year without being detected.
The compromise came to light after technology publication Version2 obtained official documents from the Danish central bank through a freedom of information request.
Despite the hackers' long-term access, the bank said that it found no evidence of compromise beyond the first stage of the attack, as it happened with thousands of organizations that installed the trojanized version of SolarWinds Orion.
In an email statement for Version2, the bank admitted that it was affected by the SolarWinds supply-chain attack and that it took action immediately after learning of the compromise.
"Action was taken quickly and consistently in a satisfactory manner, and according to the analyzes performed, there were no signs that the attack has had any real consequences" - Denmark Central Bank.
In April, the U.S. government provided clear attribution for the SolarWinds espionage campaign, naming the Russian SVR as the author of the attack, through its group of hackers known in the infosec industry as Cozy Bear.
News URL
Related news
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian Turla hackers hit Starlink-connected devices in Ukraine (source)