Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. The authorities blocked 2,350 bank accounts linked to the illicit proceeds of online financial crime and intercepted over 27 million dollars. Pierluigi Paganini.

Cybercrime 116

Cybercrime Scams Banking Malware 116

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime 97

Cybercrime Banking Identity Theft Hacking 97

Security Affairs

OCTOBER 17, 2022

Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. and the U.S.) million from victims.

Cybercrime 106

Cybercrime Scams Banking Mobile 106

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website. Washington, D.C. ”

Banking 285

Banking Government Information Security Authentication 285

Security Affairs

DECEMBER 18, 2023

Our research team also found some bank logs for sale, info stealers were possibly used to steal these logs. Bank logs : These are sets of data containing sensitive information about a bank account. Bank logs : These are sets of data containing sensitive information about a bank account.

Banking 120

Banking Cybercrime Malware Accountability 120

Security Affairs

NOVEMBER 20, 2021

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. The infamous banking trojan was also used to deliver other malicious code, such as Trickbot and QBot trojans, or ransomware such as Conti , ProLock , Ryuk , and Egregor. ” concludes the analysis.

Cybercrime 107

Cybercrime Ransomware Banking Malware 107

Security Affairs

JUNE 5, 2023

Play ransomware group claims responsibility for a ransomware attack that hit Globalcaja, one of the major banks in Spain. Globalcaja is a financial institution in the autonomous community of Castilla-La Mancha, it has more than 300 offices across Spain and provides banking services to more than half a million clients.

Banking 90

Banking Ransomware Data breaches Hacking 90

Security Affairs

JULY 24, 2023

Checkmark researchers have uncovered the first known targeted OSS supply chain attacks against the banking sector. In the first half of 2023, Checkmarx researchers detected multiple open-source software supply chain attacks aimed at the banking sector. ” reads the report published by Checkmarx. ” continues the report.

Banking 93

Banking Hacking Malware Software 93

Security Affairs

FEBRUARY 21, 2022

Xenomorph Android trojan has been observed distributed via the official Google Play Store targeting 56 European banks. Researchers from ThreatFabric have spotted a new Android banking trojan, dubbed Xenomorph , distributed via the official Google Play Store that has over 50,000 installations. ” concludes the report.

Banking 127

Banking Malware Marketing Cryptocurrency 127

Security Affairs

SEPTEMBER 5, 2021

Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services.

Banking 125

Banking Ransomware Financial Services Hacking 125

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Cybercrime 124

Cybercrime Security Intelligence Authentication Banking 124

Security Affairs

APRIL 11, 2020

Monte dei Paschi, one of the biggest Italian banks, suffered a cyber attack, hackers accessed the mailboxes of some employees and sent emails to clients. Italian state-owned bank Monte dei Paschi discloses a security breach, hackers have accessed the mailboxes of some employees and sent emails to clients. Pierluigi Paganini.

Banking 134

Banking Cyber Attacks Advertising Cybercrime 134

Security Affairs

NOVEMBER 15, 2021

Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. ” concludes the report.

Banking 132

Banking Mobile Social Engineering Malware 132

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking 96

Banking Malware Antivirus Phishing 96

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71. Pierluigi Paganini.

Cybercrime 124

Cybercrime Antivirus Marketing Accountability 124

Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. ” said Stephen Kavanagh, INTERPOL Executive Director of Police Services. ” said Dmitry Volkov Group-IB CTO and Head of Threat Hunting Intelligence.

Cybercrime 99

Cybercrime Phishing Banking Telecommunications 99

Security Affairs

DECEMBER 12, 2021

Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. The phishing messages are carefully crafted, the content was well-structured and features bank logos. The use of QR codes making it hard for email filters to flag the messages as malicious. Pierluigi Paganini.

Banking 142

Banking Phishing Social Engineering Engineering 142

Security Affairs

SEPTEMBER 3, 2019

million from the German bank OLB by cloning customer debit cards and using them to cash out user funds across Brazil. million from the German bank Oldenburgische Landesbank (OLB) by cloning customer debit cards and using them to cash out user funds across Brazil. SecurityAffairs – OLB bank, cybercrime).

Banking 89

Banking Cybercrime Advertising Scams 89

Security Affairs

OCTOBER 1, 2021

Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank. . Experts warn of a malware campaign targeting European e-banking platform users with the Hydra banking trojan. ” concludes Cyble. Pierluigi Paganini.

Banking 116

Banking Malware Encryption Hacking 116

Security Affairs

OCTOBER 21, 2022

Mandiant researchers warn of a significant shift from Ursnif ‘s original purpose, the malware initially used in banking frauds is now used to deliver next-stage payloads and steal sensitive data. The new variant, first observed in June 2022 and dubbed LDR4, is not a banking trojan, but a generic backdoor. . Pierluigi Paganini.

Banking 92

Banking Malware Hacking Ransomware 92

Security Affairs

NOVEMBER 12, 2022

Experts discovered two new malicious dropper apps on the Google Play Store distributing the Xenomorph banking malware. Zscaler ThreatLabz researchers discovered a couple of malicious dropper apps on the Play Store distributing the Xenomorph banking malware. The it downloads the malicious Xenomorph banking trojan samples from Github.

Banking 96

Banking Malware Hacking Mobile 96

Security Affairs

NOVEMBER 10, 2020

Researchers from Kaspersky Lab spotted a new Android banking Trojan, dubbed Ghimob, that is able to steal data from 112 financial Apps. Ghimob is a new Android banking Trojan discovered by Kaspersky that is able to steal data from 112 financial apps. ” concludes the report. ” concludes the report.

Banking 104

Banking Mobile Malware Spyware 104

Security Affairs

FEBRUARY 2, 2024

An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. The international law enforcement operation was launched to curb the escalation and professionalisation of transnational cybercrime.

Cybercrime 101

Cybercrime Banking Phishing Malware 101

Security Affairs

JULY 31, 2022

The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. ” DawDropper apps were spotted dropping four families of banking trojans, including Octo, Hydra, Ermac , and TeaBot. “It also hosts malicious payloads on GitHub. Pierluigi Paganini.

Banking 121

Banking Malware VPN Hacking 121

Security Affairs

SEPTEMBER 12, 2021

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Figure 1: High-level diagram of maxtrilha banking trojan.

Banking 131

Banking Malware Internet Internet 131

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. ” reported ZDNet.

Banking 116

Banking Ransomware Advertising VPN 116

Security Affairs

SEPTEMBER 19, 2021

Numando, a new banking Trojan that abuses YouTube, Pastebin, and other public platforms as C2 infrastructure and to spread. ESET researchers spotted a new LATAM banking trojan, tracked as Numando, that abuses YouTube, Pastebin, and other public platforms as C2 infrastructure and to spread. SecurityAffairs – hacking, banking trojan).

Banking 111

Banking Encryption Malware Hacking 111

Security Affairs

MARCH 23, 2023

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications.

Banking 85

Banking Cryptocurrency Malware Advertising 85

Security Affairs

JUNE 22, 2022

US Flagstar Bank disclosed a data breach that exposed files containing the personal information of 1.5 US-based Flagstar Bank disclosed a data breach that impacted roughly 1.5 This is the second time that Flagstar was the victim of a security breach, in March 2021 it was hit by Clop ransomware gang. million individuals.

Data breaches 92

Data breaches Banking Ransomware Hacking 92

Security Affairs

MARCH 4, 2023

Researchers at Metabase Q discovered a new ATM malware, dubbed FiXS, that was employed in attacks against Mexican banks since February 2023. Researchers at Metabase Q recently spotted a new ATM malware, dubbed FiXS, that is currently targeting Mexican banks. The name comes from the malware’s code name in the binary.

Banking 97

Banking Malware Financial Services Architecture 97

Security Affairs

MARCH 31, 2021

Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter. To lure victims, cybercriminals pose as bank representatives or customer support team members on Twitter. From January to early March 2021, this scheme grew in scope 2.5-fold

Banking 97

Banking Scams Accountability Media 97

Security Affairs

JANUARY 3, 2023

Experts warn of a new malware campaign using sensitive information stolen from a bank as a lure to spread the remote access trojan BitRAT. Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information stolen from a bank as a lure in phishing messages.

Banking 94

Banking Malware Phishing DDOS 94

Security Affairs

DECEMBER 13, 2021

Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke. The post TinyNuke banking malware targets French organizations appeared first on Security Affairs. ” concludes the report. Pierluigi Paganini.

Banking 103

Banking Malware Manufacturing Business Services 103

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once obtained the SIM cards, they were able to bypass SMS-based 2FA used to access bank accounts and steal the money.

Banking 112

Banking Accountability Mobile Cryptocurrency 112

Security Affairs

OCTOBER 2, 2021

In March, experts from Swiss security outfit PRODAFT estimated that the number of infected devices worldwide was approximately 60,000. The Android malware has been used to steal banking credentials, payment information, and sensitive data from infected devices. ” states the report. Pierluigi Paganini.

Banking 123

Banking Malware Spyware Passwords 123

Security Affairs

NOVEMBER 30, 2021

Experts found four Android banking trojans that were available on the official Google Play Store and that infected +300,000 devices. Researchers from ThreatFabric discovered four distinct Android banking trojans that were spread via the official Google Play Store between August and November 2021. Pierluigi Paganini.

Banking 100

Banking Antivirus Malware Authentication 100

Security Affairs

NOVEMBER 18, 2021

The BrazKing Android banking trojan is back with significant improvements and dynamic banking overlays to avoid detection. Researchers from IBM spotted a new version of the BrazKing Android banking trojan that pull fake overlay screens from the command and control (C2) server in real-time. Pierluigi Paganini.

Banking 96

Banking Malware Antivirus Phishing 96