Security News

MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature
2023-08-30 15:12

A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud. "The malware, named after its distinctive package name com.mm.user, can capture user input and screen content, and can also remotely control victim devices through various techniques, enabling its operators to carry out bank fraud on the victim's device," Trend Micro said.

New Financial Malware 'JanelaRAT' Targets Latin American Users
2023-08-14 10:25

Users in Latin America are the target of a financial malware called JanelaRAT that's capable of capturing sensitive information from compromised Microsoft Windows systems. "JanelaRAT mainly targets financial and cryptocurrency data from LATAM bank and financial institutions," Zscaler ThreatLabz researchers Gaetano Pellegrino and Sudeep Singh said, adding it "Abuses DLL side-loading techniques from legitimate sources to evade endpoint detection."

Dark web activity targeting the financial sector
2023-08-08 04:00

In this Help Net Security video, Jim Simpson, Director of Threat Intelligence at Searchlight Cyber, discusses threats against the financial sector. Threat actors will invariably target banks, yet by keeping an eye on the dark web, these institutions can identify illegal activities during their initial planning or pre-attack phase.

EU’s financial institutions face cyber resilience crisis
2023-08-01 03:00

84% of financial institutions have been exposed to a fourth-party breach - illustrating how a vast web of unseen risks are hiding in plain sight. "If nearly 20% of the most well-resourced financial entities in the EU have grades of C or worse, then it's likely that the overall cyber resilience for other financial entities is actually much lower," said Matthew McKenna, Chief Sales Officer, SecurityScorecard.

A fresh look at the current state of financial fraud
2023-07-20 04:00

In this Help Net Security video, Greg Woolf, CEO at FiVerity, discusses how the emergence of sophisticated fraud tools powered by AI and recent upheavals in the banking sector have forged an ideal environment for financial fraud. This complex scenario presents considerable obstacles for financial establishments to defend themselves efficiently.

Singapore tells crypto operators: act like grown up financial institutions
2023-07-05 06:24

In measures floated in October 2022 and to be enacted by the end of 2023, Singapore's Monetary Authority will require operators to hold customer assets under a statutory trust segregated from their own assets. Crypto outfits are also barred from facilitating retail customer lending and staking - the term for locking up crypto assets for a set time to support blockchain validation.

Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants
2023-06-09 15:53

Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle phishing and business email compromise attack, Microsoft has revealed. "The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and follow-on BEC activity spanning multiple organizations," the tech giant disclosed in a Thursday report.

From CEO Fraud to Vendor Fraud: The Shift to Financial Supply Chain Compromise
2023-05-25 16:00

TechRepublic Premium Bring your own device policy PURPOSE The purpose of this Bring your own device policy from TechRepublic Premium is to provide requirements for BYOD usage and establish the steps that both users and the IT department should follow to initialize, support and remove devices from company access. These requirements must be followed as documented in order to protect company systems .....

Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands
2023-05-18 06:39

A U.S. national has pleaded guilty in a Missouri court to operating a darknet carding site and selling financial information belonging to tens of thousands of victims in the country. Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, has been accused of setting up a carding site called Skynet Market that specialized in the trafficking of credit and debit card data.

LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads
2023-05-02 07:09

In yet another instance of how threat actors are abusing Google Ads to serve malware, a threat actor has been observed leveraging the technique to deliver a new Windows-based financial trojan and information stealer called LOBSHOT. "LOBSHOT continues to collect victims while staying under the radar," Elastic Security Labs researcher Daniel Stepanic said in an analysis published last week. The American-Dutch company attributed the malware strain to a threat actor known as TA505 based on infrastructure historically connected to the group.