Banking News, Articles and Updates

MysteryBot Android trojan aims at banking apps

Security researchers have discovered a new type of malware that combines three-legged threat with a banking trojan, keylogger, and mobile ransomware in one package.

Wiper attack at Chilean bank provided cover for $10M SWIFT heist

The real target of a wiper malware attack on Banco de Chile were transactions on the SWIFT network that resulted in a £7.5 million heist.

Banks: Carrying the can for bad people, broken tech and confused customers

Unfortunately for banks, cyber-attacks have evolved into a variety of advanced exploits and the countermeasures haven't kept pace.

Banking RAT leverages Microsoft SQL Server database to target Brazilians

A newly discovered banking malware that's been actively targeting Brazilians behaves as a remote access trojan (RAT) and uses a Microsoft SQL Server database server as an unconventional command-and-control infrastructure.

BackSwap banking malware bypasses browser protections with clever technique

A new banking malware called BackSwap has replaced tricky conventional browser injections with a simpler browser manipulation technique that can URLs for banking activity by hooking key window message loop events.

Cobalt Hacking Group continues despite leader arrest

Banking hacking group Cobalt continues to operate despite the arrest of a leading figure recently, according to researchers.

Two-thirds of online banking systems in 2017 contained high-risk vulnerabilities

75 percent of online banking systems contained cross-site scripting flaws, 69 percent lacked protection from data interception, 63 percent had insufficient authorisation, 50 percent were vulnerable to sensitive data disclosure.

Trickbot banking malware has new trick up its sleeve

Security reserachers have discovered that the Trickbot malware has been updated with you capabilities to evade detection and lock victim's computers.

More than £4 million stolen from Russian central bank via SWIFT system

Hackers stole £4.3 million from the Russian central bank last year via the SWIFT messaging system, according to report from the bank.

Unauthorised party access data on 800K Swisscom customers

Telecom giant Swisscom Wednesday disclosed that an unauthorised intruder misappropriated an unnamed sales partner's access to its data, thereby compromising basic information pertaining to approximately 800,000 customers.

One third of Britons would apply to be a money mule

One third (32 percent) of Britons would apply for a job as a money mule - knowingly helping criminals launder money, according to the results of a fake job advert set up by Santander.

FakeBank malware accesses sensitive SMS banking messages

A newly discovered mobile malware program that primarily targets Russian banking customers can take over victims' SMS capabilities, allowing cyber-criminals to intercept text messages that contain bank security codes.

Android banking trojan targets more than 232 apps

Security researchers have found a new strain of malware targeting banking apps on Android devices.

TLS implementation bug put millions at risk

A critical security bug put millions of banking app users at risk, according to researchers from the University of Birmingham.

Security flaw puts 10 million banking app users at risk

Vulnerability could enable hackers to carry out MitM attacks on bank apps - 10 million users at risk

New Ursnif variants silently targets banks and employ redirection attacks

New Ursnif variants being tested in the wild are using redirection attacks to target Australian banks and malicious TLS callback techniques to achieve process injection.

New IcedID banking trojan already rivals worst of its malware peers

A banking trojan that's been targeting US financial institutions and services since at least September is already as advanced in its capabilities as its predecessors Zeus, Gozi, and Dridex, researchers from IBM have reported.

Banking Trojan gang poisons Google results to spread malware: more comment

Cunning SEO trickery and new variant of Zeus Panda targets international banking customers

Corebot banking trojan returns - after modifying indicators of compromise

A new variant of the banking Trojan, CoreBot, which was mainly active in the summer of 2015, has been spotted by security researchers with the new variant spreading via malicious Office documents.

Russian hackers silently threaten global financial organisations

A new bankrobber Trojan has been identified by researchers at Kaspersky Lab, quietly stealing money direct from the banks themselves rather than targeting customers.

Ursnif banking malware surges in Japan, banks and payment card Cos hit

Malspam campaigns designed to spread the Ursnif banking trojan have been heavily targeting Japanese banks and payment card providers in 2017, especially since September, according to IBM'sX-Force research team.

Swiss phishing scam aims to download Retefe banking trojan

Researchers with PhishMe have released the details of a phishing campaign, currently being run in Switzerland, that uses a tax dodge to entice its victims to open an attached file, which will then download the Retefe banking trojan.

LokiBot Android Banking Trojan turns into ransomware in last ditch effort

An Android banking trojan dubbed LokiBot turns into a ransomware when users try to remove its admin privileges in a last ditch effort to extort the user.

North Korean hackers suspected of targeting Nepali bank SWIFT codes

Cyber-criminals used stolen SWIFT codes to transfer money from multiple Nepali banks on 19 October 2017.

ATMii ATM malware uses two modules, simple yet effective

A new family of ATM malware, dubbed ATMii, is using legitimate proprietary libraries and a small piece of code to cause the machines to spit out money and targets older Windows versions.

Brazilian banking trojan uses legit VMware binary to bypass security

Cyber-criminals are using legitimate VMware binary to spread banking trojans in a new phishing campaign targeting the Brazilian financial sector.

Red Alert banking malware steals credentials

A new strain of banking malware is targeting Android users, security researchers have discovered. Red Alert Trojan targets more than 60 banking and social networking apps

Trickbot banking Trojan a significant risk to financial institutions

Vitali Kremez reports how the Necurs botnet is delivering a different type of malware that poses a threat specifically to the financial sector: the "Trickbot" banking Trojan.

Interview: Dr Fatemi Ardakani, director, Bank Melli Iran: ID & authentication

Clearer definitions between privacy, security, and trust - a mix of these areas can be a great place for innovations. Identification and authentication are two particular areas that lots of innovation can happen says Dr Fatemi Ardakani

Bring on GDPR. Wonga blunders in data breach - bank details lost?

Unsurprisingly, Wonga customers have been told to change their passwords after the payday loan firm admitted it had suffered a major data breach affecting 250,000 customers.