Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website. Washington, D.C. ”

Banking 340

Banking Government Information Security Authentication 340

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. “No passwords” , “no bank cards” , “no content of communications (emails, SMS, voice messages, etc.)” The company is the second-largest ISP in France with over 22.9

Cyber Attacks 125

Cyber Attacks Telecommunications Data breaches Banking 125

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. The banking Trojan is likely operated as a Malware-as-a-Service (MaaS).

Banking 133

Banking Malware Antivirus Accountability 133

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Monitor financial accounts : Check bank statements and report any suspicious transactions promptly. The following authorities participated in the Operation Magnus.

Identity Theft 124

Identity Theft Passwords Malware Banking 124

Security Affairs

MAY 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. Interestingly, we observed that ERMAC 2.0 “ERMAC 2.0

Banking 145

Banking Malware Cybercrime Phishing 145

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. ” reported ZDNet.

Banking 144

Banking Ransomware Advertising VPN 144

Security Affairs

JULY 9, 2024

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” million individuals.

Banking 132

Banking Data breaches Retail Ransomware 132

Security Affairs

MARCH 18, 2022

Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). ” concludes the report.

Banking 144

Banking Telecommunications System Administration Hacking 144

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. The authorities blocked 2,350 bank accounts linked to the illicit proceeds of online financial crime and intercepted over 27 million dollars. Pierluigi Paganini.

Cybercrime 131

Cybercrime Scams Banking Malware 131

Security Affairs

JANUARY 20, 2022

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. A bank spokesperson told Reuters that the ransomware attack did not impact services. GB worth of files.

Banking 122

Banking Ransomware Cybercrime Malware 122

Security Affairs

OCTOBER 9, 2023

Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that their personal information was exposed after threat actors breached the third-party service provider Fiserv.

Data breaches 133

Data breaches Banking Hacking Mobile 133

Security Affairs

NOVEMBER 15, 2021

Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. ” concludes the report.

Banking 143

Banking Mobile Social Engineering Malware 143

Security Affairs

SEPTEMBER 5, 2021

Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services.

Banking 136

Banking Ransomware Financial Services Hacking 136

Security Affairs

FEBRUARY 21, 2022

Xenomorph Android trojan has been observed distributed via the official Google Play Store targeting 56 European banks. Researchers from ThreatFabric have spotted a new Android banking trojan, dubbed Xenomorph , distributed via the official Google Play Store that has over 50,000 installations. ” concludes the report.

Banking 137

Banking Malware Marketing Hacking 137

Security Affairs

OCTOBER 17, 2022

Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. and the U.S.) million from victims.

Cybercrime 128

Cybercrime Scams Banking Mobile 128

Security Affairs

OCTOBER 1, 2021

Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank. . Experts warn of a malware campaign targeting European e-banking platform users with the Hydra banking trojan. ” concludes Cyble. Pierluigi Paganini.

Banking 136

Banking Malware Encryption Hacking 136

Security Affairs

SEPTEMBER 19, 2021

Numando, a new banking Trojan that abuses YouTube, Pastebin, and other public platforms as C2 infrastructure and to spread. ESET researchers spotted a new LATAM banking trojan, tracked as Numando, that abuses YouTube, Pastebin, and other public platforms as C2 infrastructure and to spread. SecurityAffairs – hacking, banking trojan).

Banking 140

Banking Encryption Malware Hacking 140

Security Affairs

SEPTEMBER 12, 2021

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Figure 1: High-level diagram of maxtrilha banking trojan.

Banking 144

Banking Malware Internet Internet 144

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking 141

Banking Accountability Malware Mobile 141

Security Affairs

DECEMBER 12, 2021

Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. The phishing messages are carefully crafted, the content was well-structured and features bank logos. The use of QR codes making it hard for email filters to flag the messages as malicious. Pierluigi Paganini.

Banking 145

Banking Phishing Social Engineering Engineering 145

Security Affairs

FEBRUARY 13, 2024

Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers following a data breach at the third-party services provider Infosys McCamish System (IMS). Bank of America’s systems were not compromised.”

Data breaches 138

Data breaches Banking Identity Theft Ransomware 138

Security Affairs

OCTOBER 28, 2024

. “Milan prosecutors allege the business intelligence agency tapped into three key databases: one gathering alerts over suspicious financial activities; one used by the national tax agency with citizens’ bank transactions, utility bills, income statements; and the police investigations’ database, the person said.”

Computers and Electronics 135

Computers and Electronics Banking Marketing Hacking 135

Security Affairs

DECEMBER 30, 2024

In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. IntelBroker targeted many major organizations in past attacks, including AMD , AT&T, Bank of America, Microsoft, Europol , SAP, T-Mobile, Verizon, and others.

Data breaches 123

Data breaches Cybercrime Authentication Technology 123

Security Affairs

OCTOBER 2, 2021

In March, experts from Swiss security outfit PRODAFT estimated that the number of infected devices worldwide was approximately 60,000. The Android malware has been used to steal banking credentials, payment information, and sensitive data from infected devices. ” states the report. Pierluigi Paganini.

Banking 145

Banking Malware Spyware Passwords 145

Security Affairs

SEPTEMBER 24, 2023

A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan, called BBTok, that is targeting users of over 40 banks in Latin America. ” reads the report published by Check Point.

Banking 138

Banking Phishing Malware Hacking 138

Security Affairs

FEBRUARY 19, 2024

The Android banking trojan Anatsa resurged expanding its operation to new countries, including Slovakia, Slovenia, and Czechia. In November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. ” concludes the report. ” concludes the report. .

Banking 127

Banking Malware Mobile Authentication 127

Security Affairs

FEBRUARY 3, 2025

The gang targets high-value victims, also called “mammoths,” for digital asset theft, including cryptocurrencies, payment cards, online banking accounts, and non-fungible tokens (NFTs). The cybercrime gang focused on targeting the Web3 and decentralized finance industry. These factors make it a persistent cyber threat.

Scams 83

Scams Media Cryptocurrency Cybercrime 83

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 117

Data breaches Cybercrime Financial Services Hacking 117

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime 107

Cybercrime Banking Identity Theft Hacking 107

Security Affairs

JULY 31, 2022

The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. ” DawDropper apps were spotted dropping four families of banking trojans, including Octo, Hydra, Ermac , and TeaBot. “It also hosts malicious payloads on GitHub. Pierluigi Paganini.

Banking 133

Banking Malware VPN Hacking 133

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

DECEMBER 13, 2021

Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke. The post TinyNuke banking malware targets French organizations appeared first on Security Affairs. ” concludes the report. Pierluigi Paganini.

Banking 123

Banking Malware Manufacturing Business Services 123

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking 107

Banking Malware Antivirus Phishing 107

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once obtained the SIM cards, they were able to bypass SMS-based 2FA used to access bank accounts and steal the money.

Banking 125

Banking Accountability Mobile Cryptocurrency 125

Security Affairs

JULY 4, 2023

A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. The case was reported by security researcher Pol Thill. The threat actor also targeted banks in other regions, including Deutsche Bank, Crédit Agricole and ING. ” Thill explained.

Banking 98

Banking Phishing Social Engineering Authentication 98

Security Affairs

DECEMBER 18, 2023

Our research team also found some bank logs for sale, info stealers were possibly used to steal these logs. Bank logs : These are sets of data containing sensitive information about a bank account. Bank logs : These are sets of data containing sensitive information about a bank account.

Banking 133

Banking Cybercrime Malware Accountability 133

Security Affairs

JULY 31, 2024

OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations. OneBlood is a non-profit organization that provides blood and blood products to over 300 hospitals and medical facilities across the U.S.

Banking 134

Banking Ransomware Healthcare Cyber Attacks 134