Cyber Incident Victim: NoName057(16)
Date: Nov 2022
Location: Italy
Summary
A cyberattack targeting a major Italian bank involved sophisticated vishing and smishing campaigns to steal online banking credentials, enabling fraudulent transfers exceeding €1 million. Police identified 35 suspects across Italy—primarily in Campania—who posed as technical support to compromise bank systems and orchestrate unauthorized transactions. Authorities intercepted
Description
On November 1, 2022, Italian authorities disclosed a multi-stage cyberattack targeting a prominent Italian bank and its customers, resulting in confirmed thefts exceeding €1 million. The incident began when a bank employee detected suspicious financial discrepancies traced to unauthorized remote access by attackers posing as technical support personnel. Through vishing (voice phishing) tactics, these threat actors deceived multiple bank employees into granting them remote access credentials, enabling fraudulent immediate bank transfers totaling €1 million to accounts controlled by the criminal network. The Postal Police's Cyber Security Operational Center for Tuscany, working under the Florence Prosecutor’s Office, launched an investigation that identified 35 suspects across Italy, with concentrations in Campania. Attackers simultaneously executed a large-scale smishing (SMS phishing) campaign targeting bank customers to harvest home banking credentials, attempting to compromise both institutional and individual accounts.

Investigators traced the attackers’ infrastructure and financial flows, recovering €400,000 within hours of detection by freezing destination accounts. Forensic analysis revealed the criminals used prepaid cards (Postepay, Revolut) and newly opened bank accounts to receive and launder stolen funds. Evidence included chat logs detailing operational agreements and profit-sharing percentages among collaborators, alongside banking documentation for fraudulent accounts. The dual-pronged attack combined social engineering against bank staff with credential theft from customers, exploiting both human and technical vulnerabilities. While the bank’s name remained undisclosed, judicial authorities emphasized the sophistication of the vishing techniques and the coordinated national scope of the criminal network. No additional financial losses or technical intrusion methods beyond credential theft and social engineering were confirmed in the initial investigation phase.
