Security experts hope information gleaned by this probe into two affected processors could protect others in the financial industry.
For their role in a brazen heist, eight New York-area individuals are accused of withdrawing around $2 million in one day from hacked prepaid debit card accounts. Globally, the crime ring was responsible for stealing around $45 million.
The trojan carries out a one-time password scam. Researchers who studied the new malware strain, affecting U.K. bank customers, said they are fascinated by the attention to detail the fraudsters applied to the ruse.
Despite the arrests of Gozi ringleaders, the banking trojan still persists and is behind thousands of new infections in the United States.
Law enforcement in Russian and Ukraine have dealt a major blow to a prolific banking malware operation.
Finance companies should adopt an approach of least privilege, which takes into account security and productivity by granting users only the rights necessary to carry out their jobs.
A representative of JPMorgan Chase has confirmed the website of the banking giant suffered a distributed denial-of-service attack Tuesday.
A group of hackers is dissatisfied with efforts to remove an anti-Muslim video from YouTube.
Two men have been indicted in Manhattan on charges they operated a nationwide ATM skimming ring that defrauded bank customers out of more than $3 million, the U.S. attorney's office has announced.
A hacktivist group said Tuesday it has suspended its online barrage against dozens of U.S. banks after one of the highest-viewed YouTube videos of "Innocence of Muslims" came down.
Financial institutions under the FFIEC's jurisdiction have 60 days to comment on proposed guidance designed to ensure they are managing their risk when using social media.
Gozi's creator, Nikita Kuzmin, pleaded guilty to computer intrusion and fraud charges, which could mean 95 years in prison.
Results from a new survey reveal that financial institutions are becoming more successful at reducing fraudulent transactions, as banks improve their protocols and technology and customers become more security conscious.
DDoS attacks against financial institutions in the U.S. may continue unless an anti-Muslim film is pulled offline, hacktivists allege. But a New York Times report said Iran is actually behind the bank website disruptions.
A hacktivist group claims it already has launched the second phase of DDoS strikes against U.S. banks.
The Office of the Comptroller of the Currency offered best practices and a compliance reminder for banks seeking to guard against DDoS attacks, which often signal that a bigger problem is happening behind the scenes.
An information-gathering trojan has successfully compromised servers at a number of U.S. financial institutions, according to researchers at security firm Symantec.
RSA researchers believe individuals behind the Carberp botnet are taking advantage of an opening in the marketplace, left by the withdrawing Citadel network.
McAfee has released new findings that incline its researchers to believe the trojan will be a "credible threat" for banks next year.
Judges now may be more apt to take side of small and midsize businesses, not their banks, thanks to a settlement that will allow a small Maine developer to recoup some of its losses from an account takeover.
The latest strain of banking trojan Shylock invokes a new method to circumvent the prying eyes of security researchers.
Comparable to the United States' Automated Clearing House (ACH) electronic payment system, SEPA is now being targeted by fraudsters looking for new ways to extort money.
Fraudsters tampered with the point-of-sales devices at a number of locations to steal customers' debit and credit card information.
The latest Citadel version allows botmasters to more easily deliver instructions to computers under their control.
Security researchers at RSA warned Thursday that a sophisticated plan is being hatched online to raid the bank accounts of customers at some 30 banks in the United States.
Atlanta-based payment processor Global Payments expects to take a hit of another $55 to $65 million related to a data breach it sustained earlier this year.
A new round of DDoS attacks against U.S. financial institutions are underway this week, and they may be related to an anti-Muslim film trailer that has sparked worldwide outrage.
An online collective citing opposition to banks and the arrests of fellow hacktivists has published one million stolen records.
A Chicago woman with roots in Nigeria was sentenced this week to 30 months in prison for playing a key role in extracting cash from the bank accounts of individuals whose prepaid payroll information was stolen in a massive 2008 breach.
Breached payment processor Global Payments announced Thursday that it has completed its investigation into the incident, and determined the clean-up and response will cost $84.4 million.
In a major victory for organizations that have sustained massive losses due to unauthorized transactions made by hackers, an appellate court has ruled in favor of a Maine construction company against its bank.
A jury in New Jersey has found a Georgia man guilty for his role in a fraud ring that cost financial companies some $1.5 million.
According to an amended complaint filed last week in U.S. District Court in Brooklyn, Microsoft has named two defendants in its Zeus civil lawsuit who previously were listed as "John Does." They currently are in prison.
Variants of the SpyEye and Zeus toolkits are being used in a global fraud ring to evade multifactor authentication and raid high-balance accounts.
A new attack method, automatic transfer system (ATS), is being used in conjunction with popular crimeware kits to create "man-in-the-browser" assaults on bank accounts.
Financially minded cyber criminals are attempting to hijack corporate bank accounts at increasing rates, but they are finding less luck in actually getting money out of them, a new study shows.
While Global Payments investigated the breach of its North American processing system, it turned up another intrusion, this one impacting merchants.
Fourteen people from South Florida have been charged in connection to a bank fraud ring in which the accounts of unsuspecting customers were accessed to transfer money.
A group of six has been charged in the latest scam to defraud bank customers through the use of skimming devices, a trend that has seen a noticeable uptick in arrests and prosecutions over the past year.
Traditional mafia groups are entering the cyber crime scene in Russia, which is leading to more centralization and professionalization -- and bigger profits.
A third defendant accused of participating in an ATM skimming spree that hit banks in Connecticut, Massachusetts and Rhode Island has pleaded guilty.
Visa is advising its customers to be wary of phone scams in which fraudsters request their credit card information under the guise that they need it for "security reasons" in light of the major data breach that affected Global Payments, according to a Tuesday alert from Visa.
Global Payments, a major credit card processor based in Atlanta, is off Visa's approved list after it confirmed it was breached of some 1.5 million card numbers. The incident, however, is still shrouded in some mystery.
A 33-year-old Maryland man on Friday was sentenced to 5 1/2 years in prison for participating in an identity theft and credit card skimming scheme, according to the U.S. attorney's office in Alexandria, Va.
Banking trojan Zeus and its related families, which have looted a number of small and midsize businesses to the tune of millions, may be partially crippled after the latest Microsoft botnet enforcement effort.
Two men have been charged with applying a new take on ATM skimming fraud -- placing the data-stealing device on the card reader at the door, not on the actual cash machine.
The EMV standard, widely considered an effective way to curb counterfeit card fraud because it requires a microchip to be embedded in a credit or debit card or on a mobile device, is gradually picking up steam in the U.S.
The federal Securities and Exchange Commission has charged a Latvian man with participating in a scheme that manipulated the value of more than 100 New York Stock Exchange and Nasdaq stocks.
Visa has issued best practices that detail how retailers, card issuers and processors can upgrade their credit card transaction technology to a chip-based model, so to avoid burdensome complexity, cost and time to market.
A Romanian citizen, with an expired U.S. visa, has been arrested on charges of serving as the "installer" of skimming devices on some 40 ATMs in the New York City area.
A 21-year-old Connecticut woman on Tuesday pleaded guilty to participating in an ATM skimming operation between February and July, the U.S. attorney's office in Connecticut said.
The defendants were part of a coordinated operation that resulted in the theft of more than $2 million from JP Morgan Chase Bank, TD Bank, Citibank, Discover and American Express.
After more than two years of litigation, a U.S. District judge has dismissed nine of the 10 causes of action brought forth as part of a class-action lawsuit by nine banks.
A former bank executive has been sentenced to 33 months in prison for committing 84 fraudulent wire transfers that deposited $673,000 of UBS Securities funds into his personal accounts.
Two of the three men accused of swiping the debit card credentials of 1,490 ATM users in Manhattan remain behind bars. The other defendant is at large.
Attackers have been circulating a trojan via email messages with subjects such as "ACH payroll payment was not accepted by Central Trust and Savings Bank."
Cybercriminals typically ramp up their phishing efforts during the holiday season and following natural disasters, according to the American Bankers Association.
While TD Ameritrade maintains that no identity theft resulted because of a 2007 breach, it has decided to compensate customers "in the interest of helping ease" their concerns.
A couple from New York state is seeking class-action status for a lawsuit against Citigroup, alleging that the third-largest U.S. bank has "taken no steps" to protect victims in the wake of a massive data breach, according to reports. Citi admitted in June that 360,083 accounts - about 1.5 percent of its card customer base - were compromised in the attack, in which hackers infiltrated the online banking platform, Citi Account Online, and viewed customer account numbers and contact information.The plaintiffs, Kristina and Steven Orman of Northport, N.Y., filed the suit on Friday in response to fraudsters allegedly charging their credit cards and stealing money from their bank accounts.
The organized structure of a huge identity theft operation, based in New York, allowed members to make millions in profits.
A senior analyst at Countrywide Financial was ordered to pay $1.2 million in restitution after pleading guilty to his role in a scam to steal personal data of customers.
Despite fresh guidance and quicker fraud detection, the FBI actively is investigating more than 400 cases of corporate bank account takeovers, an official told federal lawmakers last week. Gordon Snow, the FBI's assistant director of the cyber division, told a House Financial Services subcommittee that these cases, in which criminals initiate unauthorized Automated Clearing House and wire transfers from seized accounts belonging to mostly small and midsize businesses, have resulted in the attempted theft of more than $225 million and actual losses of around $85 million. In his remarks, Snow also discussed risks related to ATM skimming, mobile banking and supply chain compromise.
Microsoft has introduced a "fairly major" update to its Malicious Software Removal Tool to detect and kill infections of the insidious and constantly morphing data-stealing malware family known as Zbot, or Zeus. Since the software giant first added detection for Zeus last October, hundreds of thousands of Windows PCs have been expunged of the threat, prominent in banking and e-commerce fraud. But as Zeus, which recently merged code bases with SpyEye, continues to acquire advanced evasion capabilities, Microsoft has had to fight "sneakiness with sneakiness," according to a blog post on Wednesday. The company introduced the update as part of its monthly security patches, released on Tuesday.
Researchers at Trend Micro say they have been hot on the tracks of a corporate hacker, and now they are turning over their findings to U.S. law enforcement.
As attackers have found a way to break traditional online banking security controls, recently issued guidelines offer some new advice for financial institutions.
Amazon's Simple Storage Service (S3) is being used to host malicious sites distributing the nefarious banking trojan.
The U.S. Senate Judiciary Committee next week plans to hold a hearing focused on updating the Computer Fraud and Abuse Act (CFAA), a national anti-hacking law first enacted in 1984 that makes it illegal to access government or financial institution computers without authorization. A White House cybersecurity legislative plan to Congress, released in May, proposed broadening the scope of CFAA and increase penalties under the statute. Witnesses for the hearing are scheduled to include James Baker, associate deputy attorney general for the U.S. Department of Justice, and Pablo Martinez, deputy special agent in charge of the Criminal Investigative Division of the U.S. Secret Service. The hearing is planned for 10 a.m. on Aug. 3 and can be viewed online.
The long-awaited update to the Federal Financial Institutions Examination Council (FFIEC) guidelines around authentication has been released.
A Los Angeles man has earned considerable time behind bars after serving as the U.S. head of a phishing operation that stole more than $1 million from the customers of two banks.
The largest Bitcoin currency exchange market, Mt.Gox, is currently offline after suffering a cyberattack that caused the market to crash.
Criminals are targeting the digital currency Bitcoin with new malware designed to steal victims' online wallets, several security firms warned this week.
Citigroup revealed Wednesday that hackers gained access to the account information of significantly more customers than originally thought. In an updated news release issued Wednesday, the nation's third-largest bank said that after completing an investigation, it concluded that 360,083 accounts were compromised in the attack, in which hackers infiltrated Citibank's online banking platform, Citi Account Online, and viewed customer account numbers and contact information, including email addresses. Additional data that would be needed to commit fraud, such as expiration dates or card security codes, was not exposed. Citigroup originally reported that 210,000 account holders were affected.
The International Monetary Fund (IMF) has suffered a major cyberattack, the latest incident in a string of cyberattacks against high-profile organizations.
Citibank, the third largest bank in the U.S., this week disclosed that hackers broke into its systems and gained access to the personal information of hundreds of thousands of customers.
In a potentially precedent-setting court ruling, a U.S. magistrate judge has ruled that a bank is not responsible for covering the loss of nearly $300,000 that was illegally wired out of the bank account belonging to a Maine construction company.
Researchers at KnowBe4 sent simulated phishing messages to more than 3,500 small and midsized enterprises and found that recipients at nearly 500 companies clicked on a link contained in the message.
The FBI is probing 20 new cases of U.S. businesses losing millions of dollars to cybercriminals, who then siphoned off the cash to accounts in China.
The Texas comptroller's office on Wednesday will begin notifying 3.5 million state employees and retirees that their unencrypted personal data was inadvertently posted to a public server.
A growing list of companies, including Capital One, U.S. Bank, Citigroup and JPMorgan Chase, are notifying customers that their email addresses were stolen by hackers.
Federal agents arrested the alleged ringleader of an international securities fraud racket that used hackers, botnet operators and email spam to drive up the value of stocks.
A software programmer charged with copying secret financial trading code from Goldman Sachs computers was sentenced Friday to eight years in prison. Sergey Aleynikov, 41, a naturalized U.S. citizen who emigrated from Russia, had resigned from his $400,000-a-year Goldman Sachs position in June 2009 to take a new job in Chicago. Before going, however, he uploaded code related to the firm's proprietary trading program from his workstation to a server in Germany and then downloaded it to his computers at home. Aleynikov was also ordered to pay a $12,500 fine and serve three years of supervised release following his sentence.
A new banking trojan targeting U.S. customers has the ability to keep online account sessions open after customers believe they have logged off, enabling criminals to surreptitiously steal money.
Reports are breaking of a breach of two high-level finance ministries in Canada. The attack, which occured last month, purportedly originated in China, but as in earlier cases, the attackers may have routed the intrusion through China to disguise their origin. The executive offices of the Finance Department and the Treasury Board were penetrated through the use of social engineering tactics, which involved fake emails sent to government employees to trick them into giving up passwords. A government spokesperson claimed there was no indication any classified information was siphoned off. A Chinese foreign ministry spokesperson denied any involvement by China. - GM
Tools that better classify data, provide deep-packet inspection and offer risk management for organizations migrating to the cloud are three solutions areas ready to make their mark in the security industry, predicted a panel of CISOs on Tuesday.
The Financial Stability Industry Council (FSIC) appointed its first executive director, Don Truslow, a former chief risk officer for Wachovia, where he held leadership positions in finance, risk management and corporate banking. The FSIC promotes the interests of financial services firms before government entities. Truslow has been a member of the organization's Roundtable Council since 1999. - GM
Incidents of identity fraud declined last year, thanks in part to fewer reported breached records, but the cost per incident rose, according to a new survey.
Nasdaq OMX, the company that runs the world's largest electronic stock exchange, said it detected suspicious files on its U.S. servers.
A New York stock broker has been indicted for his role in a spam-driven, pump-and-dump stock scheme that involved junk mail king Alan Ralsky.
Fraudulent emails claiming to come from the Federal Deposit Insurance Corp. (FDIC) are attempting to trick users into handing over their sensitive personal information, the agency said in a warning issued Wednesday to clients and customers. The messages claim that the FDIC has withdrawn deposit insurance from the targeted user's account "due to account activity that violates the Patriot Act." Recipients are directed to follow a link included in the message that could lead to phishing sites or malware, the agency said. Financial institutions and consumers should not follow the link or provide any personal information. - AM
A new survey from Cisco reveals that organizations are getting better at handling their obligations to meet payment industry security guidelines.
Visa has enhanced the security of its electronic credit card authorization system, known as VisaNet, to improve the speed and accuracy of fraud detection, the card brand announced Thursday. Earlier this year, Visa improved the processing platform of its Advanced Authorization technology so that it can analyze more information and perform more functions faster. "This provides Visa with a comprehensive view into the global payments system, leading to high levels of intelligence around spending patterns and improving the company's ability to detect and prevent fraud in near real-time," Visa said. The company believes the improvements could lead to a 29 percent gain in fraud detection over 2009. - DK
A new Zeus botnet is targeting the credit card accounts of several major U.S. retailers, including Macy's and Nordstrom, according to researchers at online banking security firm, Trusteer.
Lawyers, doctors and accountants may avoid having to comply with the Federal Trade Commission's new identity theft rule.
The FBI issued a warning on Wednesday about so-called "smishing" and "vishing" scams, which are likely to be prevalent this holiday season.
A Malaysian man was indicted Thursday on charges he hacked into the networks of a number of financial institutions to amass some 400,000 stolen credit and debit card numbers, according to federal prosecutors.
Vulnerabilities in web applications remain the preferred entryway for crooks seeing valuable company information, Rob Lamb, vice president of IBM security products, said Wednesday at SC Congress Canada in Toronto.
The mobile application threat space still is in its infancy, but organizations should be planning for the possibility of things heating up in the near future, said the security director of a major bank in Canada.
Bump Technologies, maker of the popular data exchange application Bump, said it has corrected a problem that could have exposed users' information.
Two Moldovan men were charged this week for their involvement with the Zeus trojan, which has been used to steal millions of dollars from U.S. bank accounts. Dorin Codreanu and Lilian Adam, both 21, are believed to have been "money mules," responsible for transferring stolen funds to accomplices overseas. The pair was arrested in Wisconsin and is set to be transferred to New York to face charges of conspiracy to commit bank fraud, according to reports. The men are among the 37 individuals charged late last month in U.S. District Court in Manhattan for their role in the scheme. — AM
A new phishing campaign attempts to steal money from members of USAA, a banking and insurance firm for U.S. military members and their families, researchers at email security firm AppRiver warned Tuesday. Researchers have noticed heavy traffic related to the spam run, whose messages include a link that directs users to a fake USAA login page, Troy Gill, security analyst at AppRiver, wrote in a blog post. The company has discovered more than 1,500 unique domains being used in the attack. — AM
