Chinese Hackers Breached US Federal Deposit Insurance Corporation Using Backdoor Malware

The US Federal Deposit Insurance Corporation (FDIC), a government agency that supervises the country’s banks suffered several breaches in 2010, 2011, and 2013. Now it is found that Chinese hackers are likely to be behind these breaches and the shocking fact is that the US FDIC officials hid the attacks from Congress for years.

In total 12 computers and 10 servers were allegedly hacked by government-backed Chinese hackers — The compromised systems belonged to FDIC’s officials including former chief of staff and former general counsel. However these breaches happened because of improper data handling by employees, and not because of cyber-attacks from foreign states.

Multiple FDIC officials engaged in mismanagement, misled Congress, and retaliated against whistleblowers, according to the report released today by US House Committee on Science, Space, and Technology

A simple backdoor malware was used by the hackers to successfully conduct these three breaches. It is still unclear what sort of data was stolen from hacked FDIC computers but this is not the first time when the United States has pointed fingers at China about a high-profile hack. By hiding and delaying these data breach reports, FDIC officials put the economic safety of the affected individuals and the entire banking industry at risk.

According a report : In February a FDIC employee stole highly confidential data using a USB drive after leaving the corporation to work for a private sector firm. The stolen data at that time included “Suspicious Activity Reports, Bank Currency Transaction Reports, [Bank Secrecy Act] Customer Data Reports, a small subset of personal work and tax files, 1,200 documents, Social Security numbers for more than 44,000 individuals and 30,715 banks”.

Final GOP Interim Staff Report 7-12-16 on Scribd

 

 

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA