Security teams at several Polish banks discovered malicious executables on workstations of several banks. The source of the malware infection is their own financial regulator, the Polish Financial Supervision Authority. The KNF confirmed that their internal systems had been compromised by someone “” although no specifications were provided. An unknown attacker compromised the KNF’s website for well over a week by modifying one of the site’s JavaScript files, making visitors to the regulator’s site load the malicious JavaScript file, which then downloaded the malicious payloads.
Source: https://thehackernews.com/2017/02/bank-hacking-malware.html