ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool FASTCash

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: FASTCash

NamesFASTCash
CategoryMalware
TypeSWIFT malware
Description(US-CERT) Since at least late 2016, HIDDEN COBRA actors have used FASTCash tactics to target banks in Africa and Asia. At the time of this TA’s publication, the U.S. Government has not confirmed any FASTCash incidents affecting institutions within the United States.

FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions. The U.S. Government assesses that HIDDEN COBRA actors will continue to use FASTCash tactics to target retail payment systems vulnerable to remote exploitation.
Information<https://www.us-cert.gov/ncas/alerts/TA18-275A>
<https://us-cert.cisa.gov/ncas/analysis-reports/ar20-239c>
<https://threatrecon.nshc.net/2019/01/23/sectora01-custom-proxy-utility-tool-analysis/>
<https://github.com/fboldewin/FastCashMalwareDissected/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/aix.fastcash>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:FASTCash>

Last change to this tool card: 26 August 2020

Download this tool card in JSON format

All groups using tool FASTCash

ChangedNameCountryObserved

APT groups

     ↳ Subgroup: BeagleBoyzNorth Korea2014-Feb 2016 

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key