Microsoft Claims Austrian Company Was Behind Malware Attacks On Banking In Three Countries

JAKARTA - Security researchers at Microsoft say that an Austrian company is behind a series of digital intrusions at banks, law firms and strategic consultancies in at least three countries.

The company, DSIRF, developed a spyware - malicious software designed to spy on or steal information from a target device - called "Subzero" which uses so-called Zero-day exploits to access confidential information such as passwords, or login credentials. Microsoft wrote in a blog post on Wednesday, July 27.

"The victims observed to date include law firms, banks and strategic consultants in countries such as Austria, the UK and Panama," the post said, without identifying the victims.

Vienna-based DSIRF, or DSR Decision Supporting Information Research Forensic GmbH, did not respond to requests for comment via email and telephone from Reuters.

Zero-day exploits are serious software flaws that are invaluable to hackers and spies because they work even when the software is up to date.

The term comes from the number of warnings users get to patch their machines protectively; two-day defects are less dangerous because they appear two days after the patch becomes available.

Several cybersecurity companies are developing such tools to use in conjunction with routine "pentesting," or penetration testing, to test a company's digital defenses against malicious attacks.

"Microsoft's interactions with victims confirmed that they disapproved of red teaming and the spread of malware, and confirmed that it was unauthorized activity," Microsoft Security Unit general manager Cristin Goodwin, who authored the report, told Reuters.

According to a copy of an internal presentation published last year by German news site Netzpolitik, DSIRF advertises Subzero as a "next generation cyber warfare" tool that can take complete control of a target PC, steal passwords and reveal its location.

Other slides in the presentation show some of the uses of spyware, including anti-terrorism and targeting human trafficking rings and child pornography.

Microsoft's findings come as the United States and Europe consider stricter rules around spyware vendors, a fast-growing and less regulated global industry, and after the Pegasus spyware developed by Israel's NSO was found to have been used by governments to spy on journalists and dissidents.

"The industry appears to be booming," Shane Huntley, senior director of the Threat Analysis Group at Alphabet, told a U.S. House of Representatives committee on Wednesday.