What are the methods of the hacker group that steals confidential information from email accounts and uses it to trade stocks at an advantage?


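By Merrill College of Journalism Press Releases

The Securities and Exchange Commission (SEC) is investigating a hacker group suspected of breaking into corporate email accounts and stealing confidential information about stock trades and mergers. Because a new form of insider trading carried out through cyber attacks has emerged, the US government is also getting serious about countermeasures, and the cybersecurity company "FireEye" has published a report on its own investigation into the hacking methods of a group that targets corporate information.

Exclusive: SEC hunts hackers who stole corporate emails to trade stocks | Reuters
http://www.reuters.Com/Article/2015/06/24/US-HACKERS-Insidertrading-Iduskbn0P31M720150624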

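HACKING THE STREET? FIN4 LIKELY PLAYING THE MARKET (PDF file)

The Securities and Exchange Commission (SEC) has asked at least eight companies to provide details of their data breaches, and a person working at one of them feels that "the unusual moves by the authorities reflect the US government's concern about cyber attacks." This is the first time the SEC has approached companies in this way in an insider trading investigation. Because cybersecurity failures create insider trading by new methods, the authorities are stepping up their vigilance against this new type of crime.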

It is believed that confidential information was stolen by hacking email accounts and then used for insider trading. The method of monitoring corporate transactions and stealing confidential corporate information is described in detail in a report published in December 2014 by the cybersecurity company FireEye. The report reveals a group called "FIN4", which appears to have stolen more than 100 corporate secrets. FIN4 is a hacker group that steals confidential information from organizations and companies. Of the companies targeted, 68% are medical and pharmaceutical public companies, 20% are public companies related to securities, legal affairs and M&A, and 12% are other public companies. The individuals targeted are people involved in corporate management, people connected to senior levels, lawyers, people in regulatory, risk and compliance roles, researchers, scientists, and advisors.

Furthermore, breaking down the medical-related companies, which account for more than 60% of the total: 50% are biotechnology companies, 13% medical equipment, 12% medical instruments and equipment, and 10% pharmaceutical companies. Medical insurance plans are 5%, medical examination and research companies are 5%, medical services are 3%, and medical supplies sales are 2%. From among these, FIN4 narrows its focus and identifies the people who are working on M&A projects.

After identifying a target, FIN4 sends a phishing email tailored to the target's interests. The following is an example of a phishing email actually sent to a corporate executive, and the title is "about the matter where your company employees have posted negative comments". Is the corporate domain of the recipient who has been accessed. The content is presented as a confidential message along the lines of "Your company employees have posted negative comments to a certain forum", and the phishing email is cleverly made, pointing the reader to the "corresponding forum".

When you access the URL, an Office document with a VBA (Visual Basic for Applications) macro is opened, and a fake Windows authentication prompt is displayed. If you enter your details, the login information of the email account is stolen. To deal with companies that disable VBA in Office, a fake OWA (Outlook Web App) link may be embedded instead.

A target whose account information has been stolen has their email monitored in real time, and if a transaction such as an M&A deal is under way, corporate secrets leak to the outside. FIN4's method does not involve infecting the victim with malware, so the hacking is difficult to detect with antivirus software and the like. In addition, it is known that FIN4 creates a filter on the mailbox after hijacking an email account. All emails containing words such as "phishing", "malware", and "hacking" are deleted, which is thought to buy time before the hacking is discovered.
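The mailbox filter described above can be hunted for by auditing inbox rules. The following is an added example, not part of the original article or the FireEye report: it assumes rules were exported to a list of dicts whose field names follow Exchange's Get-InboxRule properties, with a hypothetical `Mailbox` field and `MoveToFolder` as a plain folder name, and the sample data is constructed.

```python
# Stems of the words the article says the filter matched on
# ("phishing", "malware", "hacking"); extend for your own environment.
SECURITY_STEMS = ("phish", "malware", "hack")

# Text-matching conditions, named after Get-InboxRule properties.
WORD_FIELDS = ("SubjectContainsWords", "BodyContainsWords",
               "SubjectOrBodyContainsWords")

# Folders where moved mail is effectively out of sight (assumed list).
HIDING_FOLDERS = ("deleted items", "junk email", "rss feeds")

# Constructed sample export: one dict per inbox rule.
SAMPLE_RULES = [
    {"Mailbox": "exec@example.com", "Name": ".", "Enabled": True,
     "SubjectOrBodyContainsWords": ["hacked", "phish", "malware"],
     "DeleteMessage": True, "MoveToFolder": None},
    {"Mailbox": "exec@example.com", "Name": "Newsletters", "Enabled": True,
     "SubjectContainsWords": ["newsletter"],
     "DeleteMessage": False, "MoveToFolder": "Newsletters"},
    {"Mailbox": "soc@example.com", "Name": "Phishing reports", "Enabled": True,
     "SubjectContainsWords": ["Phishing report"],
     "DeleteMessage": False, "MoveToFolder": "Triage"},
    {"Mailbox": "counsel@example.com", "Name": "old", "Enabled": False,
     "BodyContainsWords": "Hacking",  # scalar instead of a list
     "DeleteMessage": False, "MoveToFolder": "Deleted Items"},
]

def matched_stems(rule):
    """Return the security stems found in the rule's word conditions."""
    words = []
    for field in WORD_FIELDS:
        value = rule.get(field) or []
        words.extend([value] if isinstance(value, str) else value)
    text = " ".join(words).lower()
    return sorted(s for s in SECURITY_STEMS if s in text)

def hides_mail(rule):
    """True if the rule deletes the message or moves it out of sight."""
    folder = (rule.get("MoveToFolder") or "").lower()
    return bool(rule.get("DeleteMessage")) or folder in HIDING_FOLDERS

def audit(rules):
    """Flag rules that suppress security-related mail. Disabled rules are
    reported too, since they are still worth investigating."""
    return [{"mailbox": r.get("Mailbox"), "rule": r.get("Name"),
             "enabled": bool(r.get("Enabled")), "stems": matched_stems(r)}
            for r in rules if matched_stems(r) and hides_mail(r)]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print(finding)
```

A rule that matches a security word but files the message into a visible folder, like the constructed "Phishing reports" rule, is not flagged; only rules that both match and hide are reported.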


The following figure shows the sequence of FIN4's espionage activity. In the first stage, FIN4 hacks an email account at "Advisor Company A" and from there also breaks into "Advisor Company B". As a result, the information that public company A is preparing for a large-scale merger a few weeks later leaks from Company A and Company B. In addition, by breaking into the merger team of public company A, FIN4 steals the information that the merger of Company A and Company B will be officially announced a few days later. Having obtained this information, FIN4 makes a profit by conducting insider trading in line with the movement of the market.

FireEye has revealed that the FBI has been asked to explain this report, and it appears that not only the Securities and Exchange Commission but also other US agencies are strengthening measures against new cyber attacks.




in software, Posted by Darkhorse_log
