Experts spotted a new version of the IcedID banking trojan that uses steganography to infect victims as part of COVID-19 themed attacks. A new version of the IcedID banking trojan was employed in COVID-19 themed attacks, the new variant uses steganography to infect victims and implements anti-detection capabilities. Researchers at Juniper Threat La

In a public announcement released on June 10th, the Federal Bureau of Investigation (FBI) warned that bad actors are now aiming at mobile banking users. Because of the pandemic, more and more people are looking for an alternative to physically visiting branch locations, so hackers will be looking for ways to exploit the new trend. The law enforcement agency

Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot, aka Qakbot, is a data stealer worm wi

I recently talked with Julian Hall, senior vice president of enterprise architecture and application development at Security Service Federal Credit Union, to discuss what steps he and his team took in securing his credit union’s digital channels. Julian has more than 30 years of software industry experience and has been with Security Service for the la

Since the World Health Organization (WHO) declared the COVID-19 outbreak a pandemic on March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19-related spam, with lures ranging the full gamut of challenges and concerns facing individuals — from phishing emails impersonating the Small Business Administration (SBA) and the WHO to U.S.

Security researchers at Cybereason are warning of a new mobile banking trojan that steals details from financial apps and intercepts SMS messages to bypass two-factor authentication mechanisms.According to experts who have examined the code of the malware, known as EventBot, it differs substantially from previously known Android malware – suggesting th

During the past few months, IBM X-Force researchers have noticed a familiar malware threat that typically affects bank customers in Brazil has spread to attack banks in Spain. The rise in campaigns prompted us to look into it further. Grandoreiro, a remote-overlay banking Trojan, has migrated to Spain without significant modification, proving that attackers

DDoS extortionists are blackmailing Australian banks asking for payments of large sums in Monero cryptocurrency threatening DDoS attacks. Cybercriminals are threatening Australian banks of DDoS attacks if they will not pay large sums in Monero cryptocurrency. The extortion campaign was observed over the past week, attackers are sending emails to the ba

Banking Trojans are a constant danger for the financial sector. This kind of malware steals its victims’ online identity and use this information to trick financial institutions and steal money from their accounts. Over the last few years, we’ve seen many examples of this kind of cybercrime. Last year, one of the most noteworthy banking Trojans was BackSwap,

The banking sector suffers a great deal at the hands of cybercrime. In July last year, a cybercriminal managed to steal the personal data of some 100 million users of the bank Capital One. In June of the same year, a malicious insider gathered information from Desjardins Group and shared it with with a third party. The breach affected around 2.7 million peop

Nedbank bank announced on Thursday that a security breach at a third-party supplier has compromised the details of as many as 1.7 million of its clients. Nedbank bank disclosed on Thursday a security breach at a third-party supplier that has compromised the details of as many as 1.7 million of its clients. The bank revealed that the service provider C

Unauthorized use of customer information by Woori Bank, ‘crime act’ for customers. The bank changed 23,000 passwords in 2018 without consent. It is controversial that Woori Bank changed the passwords of 23,000 customer dormant accounts without consent in July 2018. The accounts are deactivated if there is no transaction for one year after t

The president of the European Central Bank (ECB), Christine Lagarde, is warning that a cyber-attack on a major financial institution could trigger a liquidity crisis. The president of the European Central Bank (ECB), Christine Lagarde, has warned that a coordinated cyber-attack on major banks could trigger a liquidity crisis. President Lagarde cited f

On September 14th the final deadline of complying with the new Payment Service Directive PSD2 will be reached. Among other things, this directive will bring quite a few technical challenges for credit institutions. These include new requirements on two-factor authentication and API access for third parties. In this blog post we will give a short overview of

The NIC Asia Bank requested the support of the Central Investigation Bureau of Nepal Police to track down the crooks who hacked the SWIFT server. Once again hackers targeted SWIFT systems to steal money from a financial institution. The victim is the NIC Asia Bank that once discovered illegal fund transfer with its SWIFT server requested support from the Cen