Banking and Finance

  • Coyote: A multi-stage banking Trojan abusing the Squirrel installer

    February 8, 2024

    The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, Kaspersky researchers encountered a new malware that specifically targets users of more than 60 banking institutions, mainly from Brazil. What caught their attention was the sophisticated infection chain that makes use of various ...

  • Oman sees surge in cyber crimes

    February 5, 2024

    The Public Prosecution in Oman has revealed that there were 140 cases of cybercrime in 2023, compared to 126 in 2022 while cases related to online content increased to 2,686 in 2023 from 2,519 in 2022. These cases included misusing financial cards, attempting, assisting, or agreeing to commit information technology fraud. Cases involving a violation of ...

  • The dangers of unused bank accounts and how to close them

    January 26, 2024

    If you’re like most people, you’ve likely got at least a few unused bank accounts floating around. However, there may be financial and security dangers associated with keeping these unused bank accounts active. Security risks of unused bank accounts Fraud exposure: Unused bank accounts can become targets for fraud. Closing these accounts minimizes the risk. Avoidance of fees: ...

  • Billion-dollar financial giant EquiLend hit by cyberattack

    January 25, 2024

    EquiLend, a global financial technology, data and analytics firm, suffered a cyberattack – possibly ransomware – that forced parts of its digital infrastructure offline. In a press release, EquiLend said that on January 22, 2024, its technicians identified a “technical issue that placed portions of our system offline.” Following an investigation, the company identified a cybersecurity ...

  • Mexican Banks and Cryptocurrency Platforms Targeted With AllaKore RAT

    January 24, 2024

    A financially motivated threat actor is targeting Mexican banks and cryptocurrency trading entities with custom packaged installers delivering a modified version of AllaKore RAT – an open-source remote access tool. Lures use Mexican Social Security Institute (IMSS) naming schemas and links to legitimate, benign documents during the installation process. The AllaKore RAT payload is heavily modified ...

  • Australia: Russian man Aleksandr Ermakov has been sanctioned over the Medibank data breach

    January 23, 2024

    The Australian government has used Magnitsky-style sanctions for the first time to punish Russian man Aleksandr Ermakov over what it says is his role in the 2022 Medibank Private data breach. Foreign Minister Penny Wong, Home Affairs Minister Clare O’Neil and Deputy Prime Minister Richard Marles made the announcement on Tuesday morning. But what exactly are ...

  • LoanDepot outage drags into second week after ransomware attack

    January 19, 2024

    LoanDepot customers say they have been unable to make mortgage payments or access their online accounts following a suspected ransomware attack on the company last week. The mortgage and loan giant said on January 8 that it was working to “restore normal business operations as quickly as possible” following a security incident that involved the “encryption ...

  • JPMorgan spends $15 billion a year on technology, given the risk of a data breach

    January 17, 2024

    JPMorgan Chase’s banking systems are attacked by hackers 45 billion a day, double what it saw a year earlier. The nation’s largest bank spends $15 billion a year on technology, given the risk of a data breach and the potentially devastating consequences of a successful cyber attack, Mary Callahan Erdoes, chief executive of the bank’s Asset ...

  • Financial Fraud APK Campaign

    January 12, 2024

    During Unit 42 ivestigation discovering threats in legitimate network traffic, activity generated by a certain type of Android Package Kit (APK) files kept hitting their radar. The research revealed a family of malicious APKs targeting Chinese users that steals victim information and conducts financial fraud. To do this, the threat actor masquerades as a law enforcement ...

  • Australia: The Iconic denies responsibility for data breach

    January 10, 2024

    The Iconic has denied responsibility for a series of data breaches that saw Aussies’ bank balances drained of thousands of dollars after their accounts with the retailer were compromised. Earlier this week, revealed customers at Australia’s largest online retailer had reported a large number of hacking attempts and security breaches, with bad actors successfully compromising ...

  • Fidelity National Financial says hackers stole data on 1.3 million customers

    January 9, 2024

    Real estate services giant Fidelity National Financial (FNF) has confirmed hackers stole data on 1.3 million of its customers during a November cyberattack that knocked the company offline for a week. FNF said in a filing Tuesday with federal regulators: “We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that ...

  • ECB to conduct mock cyber attacks at 109 banks

    January 3, 2024

    The European Central Bank (ECB) will stress test 109 banks over the next twelve months to see if they are adequately prepared for cyber attacks. The banks’ response and recovery capabilities will be prioritized, not the potential to prevent incidents. The 109 banks in question are all under the direct supervision of the ECB. The stress ...

  • ‘Lazy’ broadband engineers blamed for exposing hospitals and banks to cyber attacks

    January 2, 2024

    Hospitals and banks are more exposed to cyber attacks because “lazy” broadband engineers are failing to fill in crucial forms, it has been alleged. Industry sources warned of a “Wild West” among contractors who are not handing over information about when and where they are working on BT’s network. Read more… Source: MSN News  

  • Another top US mortgage firm reveals a major data breach, over a million customers affected

    December 28, 2023

    LoanCare suffered a data breach last month, which resulted in the theft of sensitive customer data, the insurance service company has confirmed. Roughly 1.3 million people were affected by the breach, the company further explained, as hackers stole people’s full names, physical addresses, Social Security Numbers (SSN), and loan numbers. Read more… Source: MSN News  

  • Hackers stole $2 billion in crypto in 2023, data shows

    December 26, 2023

    For yet another year, hackers stole billions of dollars in crypto. But for the first time since 2020, the trend is downwards, according to crypto security firms. This year, hackers stole around $2 billion dollars in crypto across dozens of cyberattacks and thefts, according to De.FI, the web3 security firm that runs the REKT database. The ...

  • Former Chelsea player Rati Aleksidze arrested in Germany for ‘gang-related investment fraud’

    December 20, 2023

    A former Chelsea striker played a possible minor role in a global investment crime gang, according to prosecutors investigating a cyber scam worth “billions”. Rati Aleksidze was temporarily held under a European arrest warrant in March. German prosecutors told Telegraph Sport he is suspected of playing “at most” a minor role in the Tbilisi-based conspiracy accused of ...

  • Operation HAECHI IV: USD 300 million seized and 3,500 suspects arrested in international financial crime operation

    December 19, 2023

    LYON, FRANCE – A transcontinental police operation against online financial crime has concluded with almost 3,500 arrests and seizures of USD 300 million (approx. EUR 273 million) worth of assets across 34 countries. The six-month Operation HAECHI IV (July-December 2023) targeted seven types of cyber-enabled scams: voice phishing, romance scams, online sextortion, investment fraud, money laundering ...

  • Mr. Cooper leaks personal data of 14 million loan and mortgage customers

    December 19, 2023

    A major mortgage and loan company based in Dallas, working under the name Mr. Cooper Group Inc. has released more information on a recent breach. In a data breach notification, the company didn’t say what type of cyberattack caused the compromise of customer data, calling it a rather non-descriptive “External system breach (hacking).” For those unfamiliar ...

  • MongoDB, North Face owner VF Corp and Mr. Cooper fall victim to cyberattacks

    December 18, 2023

    It has been a busy few days on the cybersecurity front as three notable companies confirmed hacks over the last two days: MongoDB Inc., North Face and Vans owner VF Corp., and mortgage broker Mr. Cooper Group Inc. The first hack, that of MongoDB, was confirmed over the weekend and involved its corporate systems being breached ...

  • Nissan probing possible cyberattack and data breach

    December 7, 2023

    Japanese car manufacturing giant Nissan is investigating a possible data breach, and is warning customers to be wary of potential scam emails and messages delivering malware. In a brief notification published on the Nissan Oceania websites, it was said that the Australian and New Zealand Corporation and Financial Services suffered a “cyber incident”. This division handles distribution, ...