Banking and Cybercrime - Cyber Security Informer

Cybercrime Rapper Sues Bank over Fraud Investigation

Krebs on Security

AUGUST 7, 2024

In January, KrebsOnSecurity wrote about rapper Punchmade Dev , whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. PNC Bank did not respond to a request for comment.

Banking

Banking Cybercrime Accountability Retail

How Does One Get Hired by a Top Cybercrime Gang?

Krebs on Security

JUNE 15, 2021

This post explores answers to those questions, as well as some of the ways Trickbot and other organized cybercrime gangs gradually recruit, groom and trust new programmers. Alla Witte’s personal website — allawitte[.]nl nl — circa October 2018. 6 in Miami, Fla. Image: DOJ.

Cybercrime

Cybercrime Ransomware Passwords Banking

The Risk of Weak Online Banking Passwords

Krebs on Security

AUGUST 5, 2019

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Banking

Banking Passwords Risk Accountability

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. Launched in 2001 under the tagline “Network terrorism,” Mazafaka would evolve into one of the most guarded Russian-language cybercrime communities. Mark Rasch , a former cybercrime prosecutor for the U.S. As well as the cost of my services.”

Cybercrime

Cybercrime Accountability Identity Theft Hacking

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. Our client — XYZ Corp.

Cybercrime

Cybercrime Banking Small Business Accountability

Banks Attacked through Malicious Hardware Connected to the Local Network

Schneier on Security

DECEMBER 7, 2018

Kaspersky is reporting on a series of bank hacks -- called DarkVishnya -- perpetrated through malicious hardware being surreptitiously installed into the target network: In 2017-2018, Kaspersky Lab specialists were invited to research a series of cybertheft incidents. Each attack can be divided into several identical stages.

Banking

Banking Hacking Cybercrime Malware

Billion Dollar CyberSecurity Annual Budgets Have Arrived

Joseph Steinberg

JUNE 15, 2021

Major American banks and various other parties serving them are each spending $1 Billion per year on cybersecurity, according to Bank of America’s CEO, Brian Moynihan.

Cybersecurity

Cybersecurity Artificial Intelligence Banking Insurance

Would You Have Fallen for This Phone Scam?

Krebs on Security

APRIL 28, 2020

But you probably didn’t know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account — data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.

Scams

Scams Banking Accountability Financial Services

Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes

Tech Republic Security

MARCH 17, 2022

A new Android mobile malware dubbed Escobar has hit the cybercrime underground market. The post Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes appeared first on TechRepublic. Read more about it and see how to protect yourself from this threat.

Mobile

Mobile Banking Malware Cybercrime

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Krebs on Security

SEPTEMBER 1, 2021

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. based Internet address for more than a decade — a remarkable achievement for such a high-profile cybercrime service.

Malware

Malware Cybercrime Internet Internet

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. Bank customers. Bank customers.

Malware

Malware Banking Phishing DDOS

Grandoreiro Banking Trojan is back and targets banks worldwide

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. The banking Trojan is likely operated as a Malware-as-a-Service (MaaS).

Banking

Banking Malware Antivirus Accountability

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts

The Hacker News

JUNE 4, 2023

An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal.

Banking

Banking Accountability Cybercrime

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking

Banking Government Accountability Hacking

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation.

Data breaches

Data breaches Banking Cybercrime Marketing

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. The company has disabled public access to the site while we continue the investigation.

Cybercrime

Cybercrime Data breaches Technology Banking

New version of Android malware FakeCall redirects bank calls to scammers

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. The malware allows operators to steal bank users’ sensitive information and money from their bank accounts. ” reads the report published by Zimperium.

Banking

Banking Malware Accountability Phishing

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. However, it did reference many of the same banks called out as Finastra customers in the Nov.

Data breaches

Data breaches Banking Cybercrime Advertising

Hacker arrested for selling bank accounts of US, Canadian users

Bleeping Computer

FEBRUARY 18, 2024

Ukraine's cyber police arrested a 31-year-old for running a cybercrime operation that gained access to bank accounts of American and Canadian users and sold it on the dark web. [.]

Banking

Banking Accountability Cybercrime

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Security Affairs

MAY 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. Interestingly, we observed that ERMAC 2.0 “ERMAC 2.0

Banking

Banking Malware Cybercrime Phishing

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website. Washington, D.C. ”

Banking

Banking Government Information Security Authentication

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Security Affairs

FEBRUARY 4, 2025

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Then the malware starts monitoring the active window.

Banking

Banking Malware Antivirus Cyber threats

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. Don’t put them on hold while you call your bank; the scammers can get around that, too. Just hang up.

Passwords

Passwords Mobile Authentication Banking

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

Krebs on Security

APRIL 10, 2020

Most who are eligible for payments can expect to have funds direct-deposited into the same bank accounts listed on previous years’ tax filings sometime next week. Today, the Internal Revenue Service (IRS) stood up a site to collect bank account information from the many Americans who don’t usually file a tax return.

Computers and Electronics

Computers and Electronics Banking Accountability Scams

Evolve Bank data breach impacted over 7.6 million individuals

Security Affairs

JULY 9, 2024

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” million individuals.

Banking

Banking Data breaches Retail Ransomware

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. Cloud Router was previously called 911 S5.

VPN

VPN Government Cybercrime Internet

Arrest in ‘Ransom Your Employer’ Email Scheme

Krebs on Security

NOVEMBER 22, 2021

Mr. Krebson also heard from an investigator representing the Nigeria Finance CERT on behalf of the Central Bank Of Nigeria. billion in losses tied to cybercrime in 2020, and BEC fraud and romance scams alone accounted for nearly 60 percent of those losses. Krebson is a clout-chasing monger. Source: FBI/IC3 2020 Internet Crime Report.

Scams

Scams Cybercrime Banking Identity Theft

Flagstar Bank suffered a data breach once again

Security Affairs

OCTOBER 9, 2023

Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that their personal information was exposed after threat actors breached the third-party service provider Fiserv. million customers of Flagstar.

Data breaches

Data breaches Banking Hacking Mobile

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy.

Banking

Banking Malware Accountability Authentication

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. Punchmade Dev’s shop.

Cybercrime

Cybercrime Media Banking Accountability

Anatsa Android banking Trojan expands to Slovakia, Slovenia, and Czechia

Security Affairs

FEBRUARY 19, 2024

The Android banking trojan Anatsa resurged expanding its operation to new countries, including Slovakia, Slovenia, and Czechia. In November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. ” concludes the report. ” concludes the report. .

Banking

Banking Malware Mobile Authentication

Disrupting Ransomware by Disrupting Bitcoin

Schneier on Security

JULY 26, 2021

Without this payment channel, they write, the major ransomware epidemic is likely to vanish, since the only payment alternatives are suitcases full of cash or the banking system, both of which have severe limitations for criminal enterprises. Or gives out their banking details. This is where it gets interesting.

Ransomware

Ransomware Cryptocurrency Banking Accountability

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking

Banking Accountability Malware Mobile

Russians Shut Down Huge Card Fraud Ring

Krebs on Security

MARCH 26, 2020

“Our continuous monitoring of underground activity revealed despite the conviction, Flint24 never left the cybercrime scene,” reads an analysis penned by Intel 471. Intel 471 says Selivanon also was charged along with Stroganov in this past week’s law enforcement action.

Cybercrime

Cybercrime Retail Banking Insurance

Bank of America customer data compromised after a third-party services provider data breach

Security Affairs

FEBRUARY 13, 2024

Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers following a data breach at the third-party services provider Infosys McCamish System (IMS). Bank of America’s systems were not compromised.”

Data breaches

Data breaches Banking Identity Theft Ransomware

You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

Krebs on Security

APRIL 29, 2022

Google has for years accepted requests to remove certain sensitive data such as bank account or credit card numbers from search results. The login page for perhaps the most bustling cybercrime store for stolen payment card data. BriansClub has long abused my name and likeness to pimp its wares on the hacking forums.

Identity Theft

Identity Theft Cybercrime Retail Hacking

New variant of BBTok Trojan targets users of +40 banks in LATAM

Security Affairs

SEPTEMBER 24, 2023

A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan, called BBTok, that is targeting users of over 40 banks in Latin America. ” reads the report published by Check Point.

Banking

Banking Phishing Malware Hacking

Who Stole 3.6M Tax Records from South Carolina?

Krebs on Security

APRIL 16, 2024

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. said investigators determined the breach began on Aug. ” On Oct.

Identity Theft

Identity Theft Banking Cybercrime Hacking

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Krebs on Security

MAY 28, 2024

911 S5’s reliability and extremely low prices quickly made it one of the most popular services among denizens of the cybercrime underground, and the service became almost shorthand for connecting to that “last mile” of cybercrime. dollars using over-the-counter vendors who wired and deposited funds into bank accounts held by Liu.

VPN

VPN Banking Cybercrime Internet

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Krebs on Security

NOVEMBER 15, 2022

Wanted Ukrainian cybercrime suspect Vyacheslav “Tank” Penchukov (right) was arrested in Geneva, Switzerland. Once inside a victim company’s bank accounts, the crooks would modify the firm’s payroll to add dozens of “ money mules ,” people recruited through work-at-home schemes to handle bank transfers.

Banking

Banking Small Business Accountability Malware

COVID-19 ‘Breach Bubble’ Waiting to Pop?

Krebs on Security

JUNE 30, 2020

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. The economic laws of supply and demand hold just as true in the business world as they do in the cybercrime space.

Retail

Retail Banking Hacking Cybercrime

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S.

Malware

Malware Identity Theft Cybercrime Accountability

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches

Data breaches Cybercrime Financial Services Hacking

Cybercrime Rapper Sues Bank over Fraud Investigation

How Does One Get Hired by a Top Cybercrime Gang?

Trending Sources

The Risk of Weak Online Banking Passwords

From Cybercrime Saul Goodman to the Russian GRU

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Banks Attacked through Malicious Hardware Connected to the Local Network

Billion Dollar CyberSecurity Annual Budgets Have Arrived

Would You Have Fallen for This Phone Scam?

Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Disneyland Malware Team: It’s a Puny World After All

Grandoreiro Banking Trojan is back and targets banks worldwide

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts

Hackers stole millions of dollars from Uganda Central Bank

When Efforts to Contain a Data Breach Backfire

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

New version of Android malware FakeCall redirects bank calls to scammers

Fintech Giant Finastra Investigating Data Breach

Hacker arrested for selling bank accounts of US, Canadian users

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Many Public Salesforce Sites are Leaking Private Data

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

The Rise of One-Time Password Interception Bots

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

Evolve Bank data breach impacted over 7.6 million individuals

Is Your Computer Part of ‘The Largest Botnet Ever?’

Arrest in ‘Ransom Your Employer’ Email Scheme

Flagstar Bank suffered a data breach once again

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Anatsa Android banking Trojan expands to Slovakia, Slovenia, and Czechia

Disrupting Ransomware by Disrupting Bitcoin

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Russians Shut Down Huge Card Fraud Ring

Bank of America customer data compromised after a third-party services provider data breach

You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

New variant of BBTok Trojan targets users of +40 banks in LATAM

Who Stole 3.6M Tax Records from South Carolina?

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

COVID-19 ‘Breach Bubble’ Waiting to Pop?

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Stay Connected