Jammal Trust Bank Targeted by Vice Society Ransomware Group

Jammal Trust Bank, a Shiite-owned Lebanese bank established in 1963, recently fell victim to the Vice Society ransomware group. Despite having 25 branches across Lebanon and additional offices in Nigeria, the Ivory Coast, and the United Kingdom, the bank was compelled to shut down in 2019 following US sanctions for its role in "assisting in the financing of terrorism". The cyberattack by the Vice Society was disclosed on their dark web leak site, where they boasted about compromising the bank's website.

The Vice Society is notorious for its sophisticated approach, employing encryption to seize control of victims' files and demanding a ransom for the decryption keys. In certain cases, they also threaten to publish sensitive data if their demands are not satisfied. This group has orchestrated several notable cyber heists, including the infamous Bangladesh Bank Heist in 2016, which led to a loss of over $81 million.

The susceptibility of Jammal Trust Bank to such cyber threats can be traced back to its previous affiliations with Hizballah, a recognized terrorist organization. The US Department of the Treasury's Office of Foreign Assets Control (OFAC) had sanctioned the bank for its deliberate involvement in banking activities for Hizballah, potentially marking it as a prime target for cybercriminals looking to exploit these connections.

The full extent of the damage inflicted upon Jammal Trust Bank remains uncertain. However, this incident underscores the critical need for financial institutions to adopt comprehensive cybersecurity strategies. Drawing lessons from the Bangladesh Bank Heist, which was executed through a mix of social engineering, insider collusion, and malware, is vital for averting similar future attacks. Implementing measures such as two-factor authentication, conducting regular security audits, and providing cybersecurity training to employees are essential steps in fortifying defenses against cyber threats.

Sources

• HackNotice: Jammal Trust Bank - HackNotice
• The Cyber Express: Vice Society Ransomware Gang Continues its Vices in 2023
• LinkedIn: Case Study on Bangladesh Banking Heist
• Treasury: Treasury Labels Bank Providing Financial Services to Hizballah as Specially Designated Global Terrorist