FireEyeInc., another cybersecurity firm, described a similar series ofattacks in a report published about five months ago. (Photo:Shutterstock)

(Bloomberg) — It's a short — but startling — passage tuckedinside Microsoft Corp.'s periodic cybersecurity report: State-sponsored hackersattacked several financial services firms and stole “large sumsof cash.”

The account provides another reminder that hackers are successfully preying on parts of anindustry where customer confidence is paramount, and that'ssometimes reluctant to disclose serious attacks.

Yet even as the report lays out what happened, it omitssensitive details, such as which government backed the assault orwhich firms were targeted.

Microsoft said it knows about the case because its expertshelped victims in the aftermath.

In a series of similar incidents, hackers gained administrativeaccess to computer systems by infecting a machine with a “highlytargeted, obfuscated backdoor implant,” possibly with aspear-phishing email.

Then they sent cash to foreign accounts. In some instances, thehackers went undetected for more than 100 days, and once found,unleashed malware on the victims' systems, halting operations.

FireEye Inc., another cybersecurity firm, described a similarseries of attacks in a report published about five months ago. AMicrosoft spokesman declined to comment on whether the incidentsare related.

In that report, FireEye said a North Korean hacking group hadinfiltrated more than 16 firms in 11 countries including the U.S.,stealing more than $100 million. The group's victims included aChilean bank that lost $10 million last May. North Korean diplomatsand official media have denied that the country plays any role incyberattacks.

READ MORE:

Keeping clients' data safe

8 steps to protect employee benefits data fromhackers

One year later: The influence of Equifax and otherdata breaches on corporate culture

Copyright 2019 Bloomberg. All rightsreserved. This material may not be published, broadcast, rewritten,or redistributed.