Finance News, Articles and Updates

NukeBot banking malware author leaks code to salvage cybercrime forum cred

The author of a powerful banking trojan has reportedly leaked his own source code in order to get back into the good graces of the greater cybercrime community, which shunned him for breaches of rules and etiquette on cybercrime forums.

Switzerland to build AI cognitive security ops centre to protect banks

Switzerland's cognitive security operations centre will be built around IBM Watson for Cyber Security and provide in-country support to the banking sector.

U.S. expected to charge North Korea for role in Bangladesh Bank digital heist

U.S. prosecutors are reportedly building a case against Nort. Korea to examine the nation's potential role in the 2016 Bangladesh Bank digital heist

Cybersecurity spending varies but best practices still save

It's no secret that calculating an individual or company's risk varies between each task as the economics of cybersecurity remain uncertain.

Cybercrime Blotter: Kolypto hacker pleads guilty to his role as Citadel malware co-developer

Russian national Mark Vartanyan pleaded guilty on Monday to one count of computer fraud in related to his role in co-developing and distributing Citadel malware under the hacker alias Kolypto.

FireEye says criminals now as sophisticated as nation states

FireEye's annual M-Trends report finds that financial attacks have reached nation-state level of sophistication.

New Cifas data reveals 173,000 cases recorded in 2016, record high

Nine out of 10 fraudulent applications for bank accounts and other financial products made online.

Symantec finds fake AV being distributed using HSBC phishing emails

Fake HSBC emails are being spread, asking users to install a malicious version of Rapport, a legitimate security program designed to protect online bank accounts from fraud.

New Dridex borrows from AtomBombing code injection technique, UK banks already targeted

Developers behind Dridex have launched a major new version of the banking trojan, one that employs a unique method for injecting malicious code based on a technique called AtomBombing. And UK banks already feel the heat.

RTM cyber gang targets Russian businesses that conduct remote banking

Preying on Russian businesses that rely on Remote Banking Systems, the cybercrime group RTM is using backdoor malware to first silently compromise systems, and then perform reconnaissance, swipe data and steal funds.

Kaspersky: Banking malware attacks up 30.6% in 2016; finance sector phishing also more prevalent

The number of cyberattacks targeting financial institutions and their customers soared to new heights in 2016, according to Kaspersky Lab, which observed nearly 1.09 million banking trojan attacks on users in 2016.

Malware targeting banks contains apparent false flags designed to frame Russians

Malware samples recovered from watering hole attacks recently targeting banks across the globe contain false flags that fraudulently suggest Russian actors are behind the campaign, even though the most likely culprit is the Lazarus Group.

17K affected in W-2 data breach at American Senior Communities

A company payroll worker was likely duped by a W-2 phishing scam resulting in cybercriminals filing false returns using stolen data.

Uber drives down alert fatigue with customized data sets

To combat alert fatigue among its security analysts, transportation service Uber applies specially customized data sets to flagged incidents to help distinguish between genuine threats and non-malicious activities.

New Android downloader masquerading as Flash Player update

Users who install the malware might find their mobile devices held to ransom or bank accounts emptied.

Attackers steal from ATMs after infecting banks with memory-only malware

One or more unidentified hacker groups are leveraging free and commonly available pen testing tools to attack enterprises in the finance, government and telecom sectors with "fileless" malware that resides only in a machine's RAM, making it extremely difficult to detect and analyze.

InterContinental Hotels Group announces breach at 12 U.S. properties

The InterContinental Hotels Group announced 12 of its U.S. hotels were affected by a payment card breach.

Flokibot trojan spotted targeting Brazilian POS infrastructure

Arbor Networks researchers spotted the Flokibot malware family to target Point of Sale Infrastructure in Brazil and other countries.

Terdot Zloader/Zbot combo abuses certificate app to pull off MITM browser attacks

The downloader Terdot Zloader and its accompanying Zbot banking trojan payload abuse a legitimate certificate application to spy on users and modify web content via man-in-the-middle attacks against browsers, an in-depth code analysis shows.

Three men convicted of ATM hacking in Taiwan, another 19 at large

Three Eastern European men have been jailed in Taiwan over theft from cash machines in the country.

Russian hacker wanted by U.S. arrested in Spain

Russian national Stanislav Lisov who is wanted by the United States on hacking charges was arrested in Spain earlier this week.

New York State revises its sweeping cyber regulation proposal for financial sector

The New York State Department of Financial Services (DFS) on Wednesday released a revised draft of an ambitious regulation designed to protect the state and its citizens from cyberattacks against financial institutions.

Cyber bank thief sentenced to five-plus years in U.K. prison

A 29-year-old man who infected computers around the world with malware and stole roughly $1 million from victims' bank accounts was sentenced to five years and three months in a U.K. prison.

GozNym hacker faces 100 years in prison

U.S. authorities charged Bulgarian hacker, Krasimir Nikolov, age 44, with the GozNym malware attacks.

European banking breach guidelines more strict than EU GDPR

Guidelines to payment service providers, supplied by the European Central Bank, call for reporting of a breach within two hours compared to the EU GDPR requirement for reporting within 72 hours.

Zcash could spell reemergence of mining botnets

Kaspersky Lab researchers warn the growing popularity of Zcash could result in the return of attackers infecting users with malicious miners.

Russia's banks will be hacked today, apparently

Russia's security service, the FSB, said on Friday that Russia's banks will be attacked by foreign powers in an attempt to destabilise Russia's financial system.