Security News

A new version of the Drinik Android trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. Drinik has been circulating in India since 2016, operating as an SMS stealer, but in September 2021, it added banking trojan features that target 27 financial institutes by directing victims to phishing pages.

A new version of the Ursnif malware emerged as a generic backdoor, stripped of its typical banking trojan functionality. Codenamed "LDR4," the new variant was spotted on June 23, 2022, by researchers at incident response company Mandiant, who believe that it's being distributed by the same actors that maintained the RM3 version of the malware over the past years.

Crimeware targeting banks and other financial-services organizations today features sophisticated capabilities and evasion tools, according to Kaspersky's lead security researcher Sergey Lozhkin. "The darkest hour is now for the financial industry, especially for big and medium-sized corporations," Lozhkin said, during a panel discussion on threats to financial services organizations.

The major outage began around Monday evening but has continued well into today with Chase reporting some customers facing degraded performance while others seeing improvement. Chase UK's customers with a mobile-based current account have been experiencing an ongoing outage and degraded performance with the bank's app, making it difficult for them to access their accounts and funds.

TD Bank has disclosed a data breach affecting an undisclosed number of customers whose personal information was stolen by a former employee and used to conduct financial fraud.TD Bank is one of the largest banks in the United States by deposits, operating 1,220 branches and employing over 26,000 people.

A new phishing as a service platform named 'Robin Banks' has been launched, offering ready-made phishing kits targeting the customers of well-known banks and online services. According to a report by IronNet, whose analysts discovered the new phishing platform, Robin Banks is already being deployed in large-scale campaigns that started in mid-June, targeting victims via SMS and email.

The Bank of the West is warning customers that their debit card numbers and PINs have been stolen by skimmers installed on several of the bank's ATMs. The financial institute, which operates over 600 branches in the United States, first detected a wave of suspicious withdrawal attempts in November 2021 and coordinated with law enforcement to conduct an in-depth investigation. "The ATM skimming device that was installed interfered with the normal debit card transaction and allowed the theft of your card number, the PIN number associated with your card, and possibly your name and address," explains the bank's notice to impacted customers.

A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA bank accounts in Spain. The new banking trojan follows a more focused approach targeting the BBVA bank instead of attempting to compromise customers of multiple financial institutes.

A US bank has said at least the names and social security numbers of more than 1.5 million of its customers were stolen from its computers in December. In a statement to the office of Maine's Attorney General this month, Flagstar Bank said it was compromised between December and April 2021.

Flagstar Bank is notifying 1.5 million customers of a data breach where hackers accessed personal data during a December cyberattack. According to data breach notifications sent to exposed customers, Flagstar experienced a security incident in December 2021 when intruders breached the bank's corporate network.