Banking Sector Targeted in Open-Source Software Supply Chain Attacks
2023-07-24 07:24

Cybersecurity researchers said they have discovered what they say are the first open-source software supply chain attacks specifically targeting the banking sector.

"These attacks showcased advanced techniques, including targeting specific components in web assets of the victim bank by attaching malicious functionalities to it," Checkmarx said in a report published last week.

In an unrelated attack detected in February 2023 targeting a different bank, the adversary uploaded to npm a package that was "meticulously designed to blend into the website of the victim bank and lay dormant until it was prompted to spring into action."

"More than half of the attacks - 20 - fell on Russia. Among the victims of cyber spies were construction, financial, consulting companies, retailers, banks, insurance, and legal organizations."

Financial institutions have also been at the receiving end of attacks leveraging a web-inject toolkit called drIBAN to perform unauthorized transactions from a victim's computer in a manner that circumvents identity verification and anti-fraud mechanisms adopted by banks.

"ATS is a class of web injects that alters on-the-fly legitimate banking transfers performed by the user, changing the beneficiary and transferring money to an illegitimate bank account controlled by TA or affiliates, which are then responsible for handling and laundering the stolen money."


News URL

https://thehackernews.com/2023/07/banking-sector-targeted-in-open-source.html