College managed to recover only $278,887

Dec 10, 2018 20:01 GMT  ·  By

Cape Cod Community College (locally known as Four Cs) was hit by a phishing attack that compromised computers on the college campus and dropped a malware payload designed to steal banking information.

Although no details are available regarding the malware used to steal $807,130 from the Four Cs' banking accounts, the most probable culprits are banking Trojans such as Emotet, specifically designed to target and exfiltrate financial info such as bank logins and cryptocurrency wallets.

After detecting the initial attack, which successfully infected multiple computers in the Nickerson Administration Building, the college also identified and blocked several subsequent attacks targeting its network, as reported by

"The malware targeted the college’s financial transactions. It appears as though it overwrote the URL address for the college’s bank, TD Bank, creating a fake site that looked and functioned like the financial institution," college President John Cox told the Cape Cod Times.

"That done, the hackers were able to deal directly with the bank, resulting in nine fraudulent transfers totaling $807,130 from the community college’s coffers," added Cox.

Besides being able to fake the bank's website, the actors behind the attack were also able to validate the nine transactions by making multiple phone calls using social engineering techniques that persuaded the bank employees to clear the money transfers.

The money recovery process is ongoing, $278,887 already recovered

The bank did manage to block three fraudulent transactions attempted by the hacking group and is currently cooperating with the FBI in an ongoing investigation trying to recover the stolen money.

Although the college's IT team found one of the infected attachments and managed to quarantine the malware embedded within, the virus had enough time to spread on the system, replicate itself, and propagate to other computers on the campus.

The possibility of the malware finding another point of entry into the college network is also on the table, although the incident's investigators have all their money on the malware having evaded the anti-malware solution used by the IT team during the initial diagnostics.

"Payroll and other financial services will not be impacted, and the Four Cs is working with our bank to recover the remaining fraudulent transactions. To date, $278,887 of the funds have been returned and the recovery process is ongoing," concluded Cox in an email notification secured by Cape Cod Today.