Native English-speaking hackers with intricate knowledge of the financial industry are trying to manipulate the stock market.
Security research firm FireEye discovered the novel strategy and released its findings on Monday. The group, which FireEye calls FIN4, doesn’t use malware, but instead poses as outside consultants, tricking employees into disclosing confidential information or granting them access to the company’s network.
Armed with valuable information and access, the hackers are likely playing the stock market, FireEye said. They could also be passing along the information to other traders and hedge funds.
The use of complex industry jargon in the attacks suggests the cyber crooks are Americans and potentially former Wall Street employees.
“Advanced threat actors conducting attacks to play the stock market to their advantage has long been a worry but never truly seen in action," said Dan McWhorter, FireEye’s vice president of threat intelligence.
FireEye shared its findings with the FBI, which said in a statement it was reviewing the report and could not comment further.
“FIN4 is the first time we are seeing a group of very sophisticated attackers actually systematically acquire information that only has true value to a criminal when used in relation to the stock market," McWhorter added.
FireEye believes this hacking group started in mid-2013 and has since gone after more than 100 publicly traded companies, law firms, third-party consultants and investment bankers.
Most of these targets, 68 percent, were publicly traded healthcare and pharmaceutical companies.
Within each company, the hackers went after high-level executives, legal counsel, researchers, scientists and regulatory compliance personnel.
“FIN4 knows their targets,” the report said.
The cyber thieves sent these employees detailed emails using flawless English and an insiders’ knowledge of the target company’s operations.
“FIN4 intentionally targets individuals who have inside information about impending market catalysts — events that will cause the price of stocks to rise or fall substantially in a short period of time,” the report said.
It’s a new form of insider trading.
“It is likely that FIN4 used the inside information they had to capitalize on these stock fluctuations,” the report said.