Cybercriminals attacking banks and financial organizations use their foothold in a compromised infrastructure to gain access to similar targets in other regions or countries. A chain attack was observed, with organizations in other countries being probed with malicious messages in an attempt to get access to their systems. The cybercriminals then ran a phishing campaign using the infrastructure of a bank in Kazakhstan to infect another one in Georgia. Russian banks are ill-prepared for cyber attacks, with more than half showing signs of trespassing in the past.
Source: https://www.bleepingcomputer.com/news/security/hackers-use-compromised-banks-as-starting-points-for-phishing-attacks/