Banking and Finance

December 7, 2021

A major outage disrupted Amazon’s cloud services on Tuesday, temporarily knocking out streaming platforms Netflix and Disney+, Robinhood, a wide range of apps and Amazon.com Inc’s e-commerce website as consumers shopped ahead of Christmas. “Many services have already recovered, however we are working towards full recovery across services,” Amazon said on its status dashboard status.aws.amazon.com. Amazon’s Ring ...

November 23, 2021

A look back on the year 2021 and what to expect in 2022 First of all, we are going to analyze the forecasts we made at the end of 2020 and see how accurate they were. Then we will go through the key events of 2021 relating to attacks on financial organizations. Finally, we will make ...

November 18, 2021

The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. A new malware sample was analyzed by IBM Trusteer researchers who found it outside the Play Store, on sites where people end up after receiving smishing (SMS) messages. These HTTPS sites warn ...

November 9, 2021

Indian infosec consultancy CyberX9 claims it twice found records of 43.9 million shareholders exposed by systems operated by Central Depository Services Limited (CDSL) – and that the depository company responded slowly to its alerts of significant vulnerabilities. CDSL bills itself as a crucial player in India’s financial markets. It serves exchanges, investors, and issuers with depository ...

November 9, 2021

Investor trading app company Robinhood Markets has confirmed a data breach that affects the personal information of about 7 million customers – roughly a third of its user base. A cyberattacker made off with emails and more, which could lead to follow-on attacks for Robinhood customers. The trading platform, which found itself in the middle of ...

November 3, 2021

Despite the arrest of individuals connected with the spread of the Mekotio banking Trojan, the malware continues to be used in new attacks. On Wednesday, Check Point Research (CPR) published an analysis on Mekotio, a modular banking Remote Access Trojan (RAT) that targets victims in Brazil, Chile, Mexico, Spain, and Peru — and is now back ...

November 2, 2021

The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in “time-sensitive financial events” such as corporate mergers and acquisitions to make it easier to extort their victims. In a private industry notification published on Monday, the FBI said ransomware operators would use the financial information collected before attacks as leverage to ...

October 27, 2021

US feds were spotted raiding a warehouse belonging to Chinese payment terminal manufacturer PAX Technology in Jacksonville, Florida, on Tuesday, with speculation abounding that the machines contained preinstalled malware. PAX Technology is headquartered in Shenzhen, China, and is one of the largest electronic payment providers in the world. It operates around 60 million point-of-sale (PoS) payment ...

October 26, 2021

Up to 100 organizations in Brazil have been targeted with a banking Trojan since approximately late August 2021, with the most recent activity seen in early October. This campaign appears to be a continuation of activity that was published about by researchers at ESET in 2020. The attackers appeared to be undeterred by exposure and Symantec, ...

October 19, 2021

The TA505 cybercrime group is whirring its financial rip-off machinery back up, pelting malware at a range of industries in what was initially low-volume waves that researchers saw spiral up late last month. They do bad things, but they’re so tricky that tracking them is a ton of fun, said Sherrod DeGrippo, vice president, Threat Research ...

October 12, 2021

Ecuador’s largest private bank Banco Pichincha has suffered a cyberattack that disrupted operations and taken the ATM and online banking portal offline. The cyberattack occurred over the weekend, causing the bank to shut down portions of their network to prevent the attack’s spread to other systems. Read more… Source: Bleeping Computer  

October 11, 2021

Pacific City Bank (PCB), one of the largest Korean-American community banking service providers in America, has disclosed a ransomware incident that took place last month. The bank is circulating notices to inform its clients of a security breach it identified on August 30, 2021, which they claim to have addressed promptly. Read more… Source: Bleeping Computer  

October 1, 2021

The Hydra banking trojan is back to targeting European e-banking platform users, and more specifically, customers of Commerzbank, Germany’s second-largest financial institution. MalwareHunterTeam has spotted the two-year-old malware in a new distribution campaign that targets German users with a malicious APK named ‘Commerzbank Security’ and using the same icon as the official app. Read more… Source: Bleeping Computer  

September 30, 2021

An attacker who steals a locked iPhone can use a stored Visa card to make contactless payments worth up to thousands of dollars without unlocking the phone, researchers are warning. The problem is due to unpatched vulnerabilities in both the Apple Pay and Visa systems, according to an academic team from the Universities of Birmingham and ...

September 17, 2021

A banking Trojan has been detected that abuses YouTube, Pastebin, and other public platforms in order to spread and control compromised machines. On Friday, ESET wrapped up a series on banking Trojans present in Latin America — including Janeleiro, a new malware sample similar to Casbaneiro, Grandoreiro, and Mekotio — but this one does not just ...

September 14, 2021

Banks have been “disproportionately affected” by a surge in ransomware attacks, clocking a 1,318% increase year-on-year in 2021. Ransomware has become one of the most well-known and prevalent threats against the enterprise today. This year alone, we have seen high-profile cases of ransomware infection — including against Colonial Pipeline, Kaseya, and Ireland’s health service — cause ...

September 3, 2021

The FIN7 financial cybercrime gang is back, delivering JavaScript backdoors using Word documents themed around the next version of Windows. That’s according to researchers at Anomali, who observed a recent campaign from the group that leveraged six different docs, all referencing “Windows 11 Alpha” – the “Insider Preview” version of the upcoming Windows 11 operating system ...

September 2, 2021

QakBot, also known as QBot, QuackBot and Pinkslipbot, is a banking Trojan that has existed for over a decade. It was found in the wild in 2007 and since then it has been continually maintained and developed. In recent years, QakBot has become one of the leading banking Trojans around the globe. Its main purpose is ...

August 27, 2021

Cloudflare said it’s system managed to stop the largest reported DDoS attack in July, explaining in a blog post that the attack was 17.2 million requests-per-second, three times larger than any previous one they recorded. Cloudflare’s Omer Yoachimik explained in a blog post that the company serves over 25 million HTTP requests per second on average ...

August 22, 2021

Despite knowing that its information technology equipment is obsolete and some of its software is outdated, the Federal Board of Revenue (FBR) did not make any serious effort to upgrade them, which resulted into hacking of the data centres. The systems were not improved even though the World Bank approved an $80 million loan two years ...