Kaspersky Lab: Russian banks targeted by fake security alerts. Attackers pretended to be FinCERT – a cybercrime-fighting division of the country’s central bank. They used malware that had been signed with malware signed with a legitimate certificate. The malware installs LiteManager 3.4 software, giving the attackers remote-control access to the infected system. The attack mirrors those used to breach U.S. health insurer Anthem – formerly known as Wellpoint – which exposed personal information for nearly 80 million people in the United States – that attack has been attributed to a Chinese APT group.”]
Source: https://www.cuinfosecurity.com/russian-banks-targeted-by-fake-security-alerts-a-8975