Banking and Finance


  • Dirty money: World’s largest banks failing to stop money laundering on vast scale

    September 21, 2020

    Massive sums of allegedly dirty money have flowed for years through some of the world’s largest banking institutions, said an international journalism investigation published Sunday, which denounced shortcomings in sector regulations. “Profits from deadly drug wars, fortunes embezzled from developing countries, and hard-earned savings stolen in a Ponzi scheme were all allowed to flow into and ...

  • FBI says credential stuffing attacks are behind some recent bank hacks

    September 14, 2020

    The FBI has sent a private security alert to the US financial sector last week warning organizations about the increasing number of credential stuffing attacks that have targeted their networks and have led to breaches and considerable financial losses. Credential stuffing is a relatively new term in the cyber-security industry. It refers to a type of automated attack ...

  • Chilean bank shuts down all branches following ransomware attack

    September 7, 2020

    BancoEstado, one of Chile’s three biggest banks, was forced to shut down all branches on Monday following a ransomware attack that took place over the weekend. “Our branches will not be operational and will remain closed today,” the bank said in a statement published on its Twitter account on Monday. Details about the attack have not been ...

  • Python-based Spy RAT Emerges to Target FinTech

    September 3, 2020

    The Evilnum group, which specializes in targeting financial technology companies, has debuted a new tool: A Python-based remote access trojan (RAT), dubbed PyVil. The malware’s emergence dovetails with a change in the chain of infection and an expansion of infrastructure for the APT. According to researchers at Cybereason, PyVil RAT enables the attackers to exfiltrate data, ...

  • JP Morgan will adopt remote working on a permanent basis

    August 27, 2020

    One of the world’s largest investment banks, JP Morgan, has decided to embrace remote working on a permanent basis, in a move that could send ripples through the business world. Once the Covid-19 pandemic is over, the company’s 60,000 employees will not be required to return to the office full time. Instead, they will be given ...

  • New Zealand stock exchange halted trading after DDoS attacks

    August 26, 2020

    New Zealand’s stock exchange (NZX) has been impacted by distributed denial-of-service (DDoS) attacks during the last two days, forcing it to shut down trading until the connectivity issues were resolved. NZX operates New Zealand’s capital, risk, and commodity markets, and it supplies market information including real-time stock quotes, market data and news. The stock market announced around ...

  • US government warns of North Korean hackers targeting banks worldwide

    August 26, 2020

    North Korean hackers tracked as BeagleBoyz have been using malicious remote access tools as part of ongoing attacks to steal millions from international banks according to a joint advisory issued today by several U.S. Government agencies. The joint release says that North Korea’s BeagleBoyz hacking group has once again started robbing banks through remote internet access ...

  • New FritzFrog P2P botnet has breached at least 500 enterprise, government servers

    August 19, 2020

    A P2P botnet newly-discovered by researchers has struck at least 500 government and enterprise SSH servers over 2020. On Wednesday, cybersecurity firm Guardicore Labs published research into FritzFrog, a peer-to-peer (P2P) botnet that has been detected by the company’s sensors since January this year. According to researcher Ophir Harpaz, FritzFrog has attempted to brute-force SSH servers belonging ...

  • Capital One fined $80m for shoddy public cloud security

    August 7, 2020

    Capital One must pay a trivial $80m fine for its shoddy public cloud security – yes, the US banking giant that was hacked last year by a miscreant who stole personal information on 106 million credit-card applicants in America and Canada. That swiped data included 140,000 US social security numbers and 80,000 bank account numbers, we’re ...

  • Diebold Nixdorf warns of a new class of ATM ‘black box’ attacks across Europe

    July 16, 2020

    ATM maker Diebold Nixdorf is warning banks of a new type of ATM “black box” attack that was recently spotted used across Europe. ATM “black box” attacks are a type of jackpotting attack — when cybercriminals make an ATM spit out cash. A jackpotting attack can be executed with malware installed on an ATM, or by ...

  • Brazil’s Banking Trojans Go Global

    July 15, 2020

    Malware that is typically used in Brazil is expanding its geography, targeting users in North America, Europe and elsewhere in Latin America. Banking trojans, which steal online banking logins and other financial credentials from unsuspecting victims, are  fairly common – but the more sophisticated examples are often pioneered in Brazil. According to Kaspersky researchers, four Brazilian banking-trojan families ...

  • COVID heightening bank vulnerability to cyber attack

    July 13, 2020

    The “large-scale shift” to digital banking and remote work off the back of the COVID-19 crisis has heightened the banking sector’s exposure to cyber attack, according to Moody’s. Over the past few months, banks, like most businesses, have leveraged digital technology to facilitate remote work in response to social distancing measures imposed to curb the spread ...

  • How North Korea’s army of hackers stole $2bn through cyber bank heists

    July 12, 2020

    North Korean hackers are attempting to raise money for the regime by stealing from financial institutions and cryptocurrency exchanges. Towards the end of last year, a series of seemingly innocuous LinkedIn messages were sent to employees of aerospace and military companies in the UK, Europe and the Middle East. “We welcome elites like you. I want you ...

  • South African bank to replace 12m cards after employees stole master key

    June 15, 2020

    Postbank, the banking division of South Africa’s Post Office, has lost more than $3.2 million from fraudulent transactions and will now have to replace more than 12 million cards for its customers after employees printed and then stole its master key. The Sunday Times of South Africa, the local news outlet that broke the story, said the ...

  • Additional ATMs blown up in Philadelphia as police release video of suspects

    June 4, 2020

    Philadelphia police released new video Thursday of three suspects blowing up an ATM at a restaurant after warning a customer to leave. The suspects can be seen on video in the lobby of New Far East Palace Restaurant on Ruscomb Street in the city’s Logan section. It all started Tuesday night just before 11 p.m. Police said one ...

  • Four agencies warn banks and customers of COVID-19 scams

    May 22, 2020

    Four federal agencies issued a joint alert May 21 warning that cybercriminals and other adversaries are using coronavirus-related lures to scam taxpayers and attempt to disrupt operations of institutions responding to the ongoing pandemic. The alert, sent out by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the Internal Revenue Service, the Department of ...

  • COVID-19 blamed for 238% surge in cyberattacks against banks

    May 14, 2020

    The coronavirus pandemic has been connected to a 238% surge in cyberattacks against banks, new research claims. On Thursday, VMware Carbon Black released the third edition of the Modern Bank Heists report, which says that financial organizations experienced a massive uptick in cyberattack attempts between February and April this year — the same months in which COVID-19 began to spread ...

  • South Lebanon Banks Attacked with Explosives

    April 27, 2020

    The Lebanese army and security forces are investigating two attacks on banks in South Lebanon, after an explosive device detonated near a branch and a Molotov cocktail was tossed at an ATM. Security sources told Asharq Al-Awsat that investigators were probing the two attacks. Banks have been previously the target of attacks, which often involved political messages, ...

  • A look at the ATM/PoS malware landscape from 2017-2019

    April 23, 2020

    From remote administration and jackpotting, to malware sold on the Darknet, attacks against ATMs have a long and storied history.  And, much like other areas of cybercrime, attackers only refine and grow their skillset for infecting ATM systems from year-to-year. So what does the ATM landscape look like as of 2020? Let’s take a look. ATM attacks aren’t ...

  • Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain

    April 14, 2020

    Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when victim accesses their online banking account. In the background, meanwhile, the ...