Security News

It may be at an early stage, but we can already see that future, as, all over the world, the banking community moves to embrace open banking. Adrian Mountstephens, business development, payments and banking at Equinix, says that in fact the entire digital future of banking is linked to APIs.

Threat actors have been discovered distributing a new credential stealer written in AutoHotkey scripting language as part of an ongoing campaign that started early 2020. Customers of financial institutions in the US and Canada are among the primary targets for credential exfiltration, with a specific focus on banks such as Scotiabank, Royal Bank of Canada, HSBC, Alterna Bank, Capital One, Manulife, and EQ Bank.

Cloud-based cybersecurity and cybercompliance management solutions provider DefenseStorm on Tuesday announced that it raised $12 million in Series B funding, along with $7 million in growth capital financing. DefenseStorm plans on bringing to market its CyberFraud module, as well as to increase efficiency through its Threat Ready Active Compliance service provider team.

The partnership will further enhance Cellulant's cybersecurity by proactively securing its digital banking channels and guarding against digital banking and payment fraud. Entersekt is working with the Cellulant team to integrate its mobile software development kit with Cellulant's product stack, making Entersekt's authentication and app security solutions available to Cellulant's clients.

Ever since its discovery in 2014-when Emotet was a standard credential stealer and banking Trojan, the malware has evolved into a modular, polymorphic platform for distributing other kinds of computer viruses. Emotet is the most uploaded malware throughout the past few years.

A new banking trojan has been discovered targeting Android users, with the capabilities to spy on 153 mobile apps from various banks, cryptocurrencies and exchanges. Kaspersky telemetry shows that all victims of the Ghimob mobile banking trojan are currently located in Brazil at the moment.

Four months after security researchers uncovered a "Tetrade" of four Brazilian banking Trojans targeting financial institutions in Brazil, Latin America, and Europe, new findings show that the criminals behind the operation have expanded their tactics to infect mobile devices with spyware. According to Kaspersky's Global Research and Analysis Team, the Brazil-based threat group Guildma has deployed "Ghimob," an Android banking Trojan targeting financial apps from banks, fintech companies, exchanges, and cryptocurrencies in Brazil, Paraguay, Peru, Portugal, Germany, Angola, and Mozambique.

The smishing campaign is concerning as it employs multiple HMRC phishing domains and tactics, with new domains added every day as older ones get flagged by spam filters. Not only do the phishing pages mimic HMRC's web interface meticulously, but they also have entire online banking workflows built into them, depending on who your banking provider is.

Brovko was tasked with sifting through the logs of these botnets for internet banking credentials vacuumed by the malware, which were subsequently used by fellow conspirators to steal millions of dollars from Americans' accounts in fraudulent transfers. "Where his computer code could not effectively parse the data, Brovko supplemented his computer-automated efforts with manual searches of the data," his indictment [PDF] noted.

The Wroba mobile banking trojan has made a major pivot, targeting people in the U.S. for the first time. Where Android users are served up the full Wroba download, according to researchers, the executable doesn't work on iPhone.