Suspected cybercrime group known as Lazarus is suspected to be behind numerous attacks against Polish banks. Polish banks reportedly detected previously-undetected Malware variants in their system. They reported usual behavior that included abnormal network traffic to foreign locations, encrypted executable, and malware on user workstations. The hackers conducted the attack by compromising the websites of their target by injecting them with malicious codes that redirects the visitors to an exploit kit that installs the malware.
I thought this is interesting since we had some experience with WebGoat and how attackers can inject codes to web applications. This seems to be the route that this cybercrime group took.