Accountability, Banking and Information Security

Accountability

Banking

Information Security

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking

Banking Government Accountability Hacking

New version of Android malware FakeCall redirects bank calls to scammers

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. The malware allows operators to steal bank users’ sensitive information and money from their bank accounts.

Banking

Banking Malware Accountability Phishing

Join 28,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy.

Banking

Banking Malware Accountability Authentication

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

The chief information security officer for a large academic healthcare system affected by the breach told KrebsOnSecurity they participated in a call with the FBI and were told a third party partner managed to recover at least four terabytes of data that was exfiltrated from Change by the cybercriminal group. .”

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

Russian authorities arrest three suspects behind Mamont Android banking trojan

Security Affairs

MARCH 28, 2025

Russian authorities arrested three suspects for developing Mamont, a newly identified Android banking trojan. Russian authorities arrested three suspects in Saratov for developing Mamont (Russian for mammoth), a recently discovered Android banking trojan. Mamont can also spread to contacts in the victims messenger app.

Banking

Banking Computers and Electronics Mobile Malware

California Cryobank, the largest US sperm bank, disclosed a data breach

Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. California Cryobank (CCB) is the largest sperm bank in the U.S., At this time, it is unclear if the exposed information includes any donor data.

Data breaches

Data breaches Banking Insurance Hacking

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

MARCH 29, 2025

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. ” ThreatFabric concludes.

Banking

Banking Mobile Identity Theft Malware

Seychelles Commercial Bank Reported Cybersecurity Incident

Security Affairs

JULY 29, 2025

Seychelles Commercial Bank on Friday said it had recently identified and contained a cybersecurity incident. A hacker claims to have stolen and sold the personal data of clients of Seychelles Commercial Bank. The bank reassures all its internet banking customers that no funds have been accessed.”

Banking

Banking Cybersecurity Internet Internet

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The cybersecurity firm’s recommendations for malware victims are: Consult an expert : For thorough malware removal and system security, seek professional help if needed. Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication.

Identity Theft

Identity Theft Malware Passwords Banking

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

. “Free was “the victim of a cyberattack targeting a management tool” leading to “unauthorized access to some of the personal data associated with the accounts of certain subscribers ,” the second largest telephone operator in France confirmed to Agence France-Presse (AFP) on Saturday, October 26.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Nigerian man Sentenced to 26+ years in real estate phishing scams

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing millions by compromising the email accounts of real estate businesses. for phishing scams that resulted in the compromise of millions of email accounts. million in restitution.

Scams

Scams Phishing Identity Theft Accountability

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. If users fall victim to this scam, immediately contact their financial institutions, secure their accounts, and change all passwords using a trusted device. Reporting the incident to IC3.gov

Malware

Malware Scams Identity Theft Antivirus

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

SecureWorld News

MARCH 20, 2025

Attackers are mimicking tournament brackets, betting promotions, and registration formstricking users into handing over credentials or linking bank accounts to fraudulent sites. A simple click on what seems like an innocent bracket challenge or promo offer can lead to compromised financial accounts before tipoff.

Scams

Scams Social Engineering Phishing Mobile

Coinbase disclosed a data breach after an extortion attempt

Security Affairs

MAY 15, 2025

Exposed data included contact details, partial SSNs and bank info, ID images, account history, and limited internal documents. Compromised data includes: Name, address, phone, and email; Masked Social Security (last 4 digits only); Masked bank-account numbers and some bank account identifiers; GovernmentID images (e.g.,

Data breaches

Data breaches Banking Accountability Retail

A crime ring compromised Italian state databases reselling stolen info

Security Affairs

OCTOBER 28, 2024

. “Milan prosecutors allege the business intelligence agency tapped into three key databases: one gathering alerts over suspicious financial activities; one used by the national tax agency with citizens’ bank transactions, utility bills, income statements; and the police investigations’ database, the person said.”

Computers and Electronics

Computers and Electronics Banking Marketing Hacking

A new Linux variant of FASTCash malware targets financial systems

Security Affairs

OCTOBER 15, 2024

The experts reported that the ATP group has been using this malware at least since 2016 to siphon millions of dollars from ATMs of small and midsize banks in Asia and Africa. The malicious code intercepts declined magnetic swipe transactions and authorizes them with random amounts in Turkish Lira for specific cardholder accounts.

Malware

Malware Banking Hacking Accountability

New sophisticate malware SuperCard X targets Androids via NFC relay attacks

Security Affairs

APRIL 21, 2025

The fraud campaign starts with fake bank alerts via SMS or WhatsApp, luring victims to call attackers. Since victims often do not recall their PIN immediately, the attackers guide them through their mobile banking application to retrieve this sensitive information.” ” reads the report published by Cleafy.

Malware

Malware Social Engineering Banking Engineering

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Security Affairs

APRIL 9, 2025

The US Office of the Comptroller of the Currency (OCC) disclosed a major email breach compromising 100 accounts, undetected for over a year. The cybersecurity incident involved unauthorized access to emails via a compromised admin account. Affected accounts were disabled. The breach was confirmed on Feb. OCC on Feb.

Accountability

Accountability Banking Information Security Hacking

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware

Security Affairs

MAY 28, 2025

DomainTools noted that the fake Bitdefender site also overlaps in timing and infrastructure with other phishing domains impersonating banks and IT services, including sites used to steal logins for Microsoft and the Royal Bank of Canada. ” concludes the report that also provides Indicators of compromise.

Antivirus

Antivirus Malware Banking Passwords

Europol dismantles €460M crypto scam targeting 5,000 victims worldwide

Security Affairs

JULY 1, 2025

The criminal network allegedly used global associates and a Hong Kong-based corporate and banking setup to move illicit funds via cash, bank, and crypto transfers. ” Online fraud is a top threat to EU security, with rising scale and sophistication. ” reads the press release published by Europol.

Scams

Scams Cryptocurrency Banking Social Engineering

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. Meanwhile, an informal Tenable poll looks at cloud security challenges. government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks.

Banking

Banking Cybercrime Cybersecurity Ransomware

Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action

Security Affairs

DECEMBER 10, 2024

A month earlier, Dubai and Abu Dhabi Police warned citizens not to share their confidential information, including their account, card details or online banking credentials. The actors became more creative. The experts estimate the scale of threat actors’ activities: they send between 50,000 and 100,000 messages daily.

Phishing

Phishing Social Engineering Banking DNS

Laboratory Services Cooperative data breach impacts 1.6 Million People

Security Affairs

APRIL 11, 2025

“The specific information involved is not the same for everyone.” Health Insurance Information: This may encompass plan name, plan type, insurance companies, and member/group ID numbers. ” reads the notice of data breach.

Data breaches

Data breaches Insurance Banking Accountability

U.S. Offers $10M bounty for info on RedLine malware creator and state hackers

Security Affairs

JUNE 6, 2025

. “Maxim Alexandrovich Rudometov (Максим Александрович Рудомётов), born in 1999 in the Luhansk region of Ukraine, developed and has sold “information stealer” malware known as RedLine.” Use a password manager : Simplifies managing strong, unique passwords across accounts. ” continues the announcement.

Malware

Malware Passwords Identity Theft Government

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

It can steal accounts, send messages, steal crypto, monitor browsing, intercept SMS, and more. ” To protect against malware, experts recommend buying smartphones from authorized distributors and installing security solutions like Kaspersky for Android immediately. .” 231 banking malware.

Cryptocurrency

Cryptocurrency Malware Firmware Antivirus

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Secure payment methods Ensure safe processing of financial transactions.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Impacts vary depending on users’ browsers, cookies, and third-party account activity. ” The potential exposed data includes IP addresses, third-party identifiers/cookies, and, in some cases, information about a patient’s treatment or provider if included in a URL or button text. added Atrium Health.

Data breaches

Data breaches Identity Theft Accountability Healthcare

Raccoon Infostealer operator sentenced to 60 months in prison

Security Affairs

DECEMBER 20, 2024

FBI identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) My office will not stop in its efforts to hold cybercriminals accountable for their misdeeds.” in the stolen data.

Cryptocurrency

Cryptocurrency Identity Theft Cybercrime Malware

ZAGG disclosed a data breach that exposed its customers’ credit card data

Security Affairs

DECEMBER 29, 2024

It is best known for producing products like screen protectors, mobile device cases, power banks, wireless charging devices, and other smartphone and tablet accessories. is a consumer electronics accessories company based in the United States.

Data breaches

Data breaches Computers and Electronics Hacking Wireless

Online food ordering and delivery platform GrubHub discloses a data breach

Security Affairs

FEBRUARY 4, 2025

The investigation revealed that attackers had compromised an account associated with a third-party provider of support services. Then GrubHub locked out the attackers and removed the hacked account. Upon discovery, we promptly launched an investigation, identifying unauthorized access to an account associated with this provider.”

Data breaches

Data breaches Passwords Accountability Hacking

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

Security Affairs

APRIL 6, 2025

Musielak warned of the rising threat of mass identity theft, fraudulent credit applications, and fake account creation, which are now more scalable with generative AI. If you’re running KYC in banking, insurance, travel, crypto, or anywhere else its time to upgrade your process. ” added the expert. “ @authologic.

Identity Theft

Identity Theft Insurance Banking Authentication

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 46

Security Affairs

MAY 25, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang RVTools Bumblebee Malware Attack How a Trusted IT Tool Became a Malware Delivery Vector Malicious Checker Packages on PyPI Probe TikTok and Instagram for (..)

Malware

Malware Cryptocurrency Banking Ransomware

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Security Affairs

MARCH 24, 2025

During a forensic investigation, Sygnia researchers observed multiple alerts that revealed a re-enabled threat actor account by a service account from an unidentified server. The China-linked threat actor Weaver Ant infiltrated the network of a telecom provider in Asia for over four years. ” reads the report published by Sygnia.

Telecommunications

Telecommunications Encryption Accountability Firewall

July 2024 ransomware attack on the City of Columbus impacted 500,000 people

Security Affairs

NOVEMBER 4, 2024

Now the City of Columbus determined that the ransomware attack compromised the personal and financial information of 500,000 individuals. “To date, the City is unaware of any actual or attempted misuse of your personal information for identity theft or fraud as a result of this Incident.”

Ransomware

Ransomware Identity Theft Data breaches Cyber threats

Ahold Delhaize data breach affected over 2.2 Million individuals

Security Affairs

JUNE 30, 2025

” reads the data breach notification letter shared with the Maine Attorney General’s Office “The types of impacted information vary by affected individual.” ” Ahold Delhaize determined that the data breach impacted 2,242,521 individuals and is notifying them.

Data breaches

Data breaches eCommerce Retail Accountability

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

The gang targets high-value victims, also called “mammoths,” for digital asset theft, including cryptocurrencies, payment cards, online banking accounts, and non-fungible tokens (NFTs). Active since 2021, the group amassed over 3,000 followers on its public Telegram CrazyEvilCorp channel.

Scams

Scams Media Cryptocurrency Cybercrime

African multinational telco giant MTN Group disclosed a data breach

Security Affairs

APRIL 26, 2025

At this stage we do not have any information to suggest that customers accounts and wallets have been directly compromised.” Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details.

Data breaches

Data breaches Telecommunications Financial Services Mobile

Nova Scotia Power discloses data breach after March security incident

Security Affairs

MAY 15, 2025

. “While the investigation remains ongoing, we have determined that on or around March 19, 2025, certain customer information stored on the impacted servers was accessed and later taken by an unauthorized third party.” ” reads the update published by the company on May 14, 2025.

Data breaches

Data breaches Energy and Utilities Insurance Accountability

U.S. Medical billing provider Medusind suffered a sata breach

Security Affairs

JANUARY 9, 2025

.” The experts determined that threat actors may have stolen certain files containing different types of information, including health insurance and billing information (such as insurance policy numbers or claims/benefits information), payment information (such as debit/credit card numbers or bank account information), health information (such (..)

Data breaches

Data breaches Insurance Healthcare Banking

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 22, 2025

Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses virtualization to hijack banking and crypto apps Cloudflare blocked record-breaking 7.3 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches DDOS Backups Internet

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes’ Data from Saudi Games

Security Affairs

JUNE 23, 2025

Likely, the choice of target was not random and was part of information operation (IO) orchestrated by Iran to spread a narrative of insecurity.

Hacking

Hacking Banking Media Government

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

Security Affairs

JUNE 9, 2025

The DOJ filed a civil forfeiture complaint for $7.74M in crypto tied to North Korean fake IT worker schemes linked to the indictment of North Korean Foreign Trade Bank (FTB) representative Sim Hyon Sop. accounts to hide their origins. The frozen funds include cryptocurrency, NFTs, and other digital assets. million tied to the scheme.”

Scams

Scams Identity Theft Cryptocurrency Banking

Nova Scotia Power confirms it was hit by ransomware attack but hasn’t paid the ransom

Security Affairs

MAY 27, 2025

While the investigation remains ongoing, we have determined that on or around March 19, 2025, certain customer information stored on the impacted servers was accessed and later taken by an unauthorized third party. reads the update published by the company on May 14, 2025.

Energy and Utilities

Energy and Utilities Ransomware Data breaches Accountability

Hackers stole millions of dollars from Uganda Central Bank

New version of Android malware FakeCall redirects bank calls to scammers

Trending Sources

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

Change Healthcare Breach Hits 100M Americans

Russian authorities arrest three suspects behind Mamont Android banking trojan

California Cryobank, the largest US sperm bank, disclosed a data breach

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Seychelles Commercial Bank Reported Cybersecurity Incident

International law enforcement operation dismantled RedLine and Meta infostealers

France’s second-largest telecoms provider Free suffered a cyber attack

Nigerian man Sentenced to 26+ years in real estate phishing scams

FBI warns of malicious free online document converters spreading malware

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

Coinbase disclosed a data breach after an extortion attempt

A crime ring compromised Italian state databases reselling stolen info

A new Linux variant of FASTCash malware targets financial systems

New sophisticate malware SuperCard X targets Androids via NFC relay attacks

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware

Europol dismantles €460M crypto scam targeting 5,000 victims worldwide

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action

Laboratory Services Cooperative data breach impacts 1.6 Million People

U.S. Offers $10M bounty for info on RedLine malware creator and state hackers

New Triada Trojan comes preinstalled on Android devices

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

New Atrium Health data breach impacts 585,000 individuals

Raccoon Infostealer operator sentenced to 60 months in prison

ZAGG disclosed a data breach that exposed its customers’ credit card data

Online food ordering and delivery platform GrubHub discloses a data breach

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 46

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

July 2024 ransomware attack on the City of Columbus impacted 500,000 people

Ahold Delhaize data breach affected over 2.2 Million individuals

Crazy Evil gang runs over 10 highly specialized social media scams

African multinational telco giant MTN Group disclosed a data breach

Nova Scotia Power discloses data breach after March security incident

U.S. Medical billing provider Medusind suffered a sata breach

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes’ Data from Saudi Games

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

Nova Scotia Power confirms it was hit by ransomware attack but hasn’t paid the ransom

Stay Connected