‘Elephant Beetle’ spends months in victim networks to divert transactions

Gandalf_The_Grey

A financially-motivated actor dubbed 'Elephant Beetle' is stealing millions of dollars from organizations worldwide using an arsenal of over 80 unique tools and scripts.

The group is very sophisticated and patient, spending months studying the victim's environment and financial transaction processes, and only then moves to exploit flaws in the operation.

The actors inject fraudulent transactions into the network and steal small amounts over long periods, leading to an overall theft of millions of dollars. If they are spotted, they lay low for a while and return through a different system.

The expertise of 'Elephant Beetle' appears to be in targeting legacy Java applications on Linux systems, which is typically their entry point to corporate networks.

The actor's TTPs are exposed in a detailed technical report which the Sygnia Incident Response team shared with Bleeping Computer before publication.
 