Security News

Resecurity uncovers STYX, new cybercriminal platform focused on financial fraud
2023-04-06 06:10

Resecurity has recently identified the STYX Innovation Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering. This platform is specifically designed to facilitate financial crime, providing cybercriminals with a range of services, including stolen financial data, credit card information, forged documents, money laundering services, victim reconnaissance 'lookups', and more.

The staggering cost of identity fraud for financial services
2023-04-06 03:30

The impact of identity fraud varies for organizations in the financial services industry, based on whether they belong to the banking or FinTech sector, according to Regula. When asked to evaluate the cost of the identity fraud they had experienced, the banking sector was found to be the most severely impacted, with a median financial burden of over $310,000.

New dark web market STYX focuses on financial fraud services
2023-04-05 21:29

A new dark web marketplace called STYX launched earlier this year and appears to be on its way to becoming a thriving hub for buying and selling illegal services or stolen data. However analysts at threat intelligence company Resecurity noticed mentions of STYX on the dark web since early 2022, when the founders were still building the escrow module.

Nexus Android malware targets 450 financial applications
2023-03-29 13:58

Nexus malware is an Android banking trojan promoted via a malware-as-a-service model. In an underground cybercrime forum ad, the malware project is described as "Very new" and "Under continuous development." More messages from the Nexus author in one forum thread indicate the malware code has been created from scratch.

Latitude Financial data breach now impacts 14 million customers
2023-03-28 13:50

Australian loan giant Latitude Financial Services is warning customers that its data breach is much more significant than initially stated, taking the number of affected individuals from 328,000 to 14 million. Australian loan giant Latitude Financial Services has released an updated data breach notification warning customers that the breach is much more significant than initially stated, taking the number of affected individuals from 328,000 to 14 million.

Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps
2023-03-23 11:55

An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. "Nexus provides all the main features to perform ATO attacks against banking portals and cryptocurrency services, such as credentials stealing and SMS interception."

FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps
2023-03-17 18:15

An Android voice phishing malware campaign known as FakeCalls has reared its head once again to target South Korean users under the guise of over 20 popular financial apps. FakeCalls was previously documented by Kaspersky in April 2022, describing the malware's capabilities to imitate phone conversations with a bank customer support agent.

Fighting financial fraud through fusion centers
2023-03-13 05:00

Keeping up with financial fraud is incredibly difficult because accurate fraud detection requires a deep, real-time analysis of all the events surrounding a transaction. Teams need to have a portfolio of techniques to call upon, a centralized structure for identifying and combatting threats, and an agile approach to fight cyber-attacks and financial fraud.

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity
2023-03-08 10:34

The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's widely used by public institutions and universities, the re-infiltration in October 2022 involved the exploitation of a zero-day in the same program.

C-suite execs expect cyberattacks targeting financial data to increase this year
2023-02-09 17:26

The participants were asked about attacks targeting the financial and accounting data of their organizations. Looking ahead, almost half of the executives polled expect both the volume and size of cyberattacks targeting this type of data to increase in the coming year.