Finance

Finance

Fake company pushes phony cryptocurrency app to spread Mac malware

It appears North Korean hackers have revisited a tried-and-true scheme to attack Mac owners who work at cryptocurrency exchanges: creating a fake company and corresponding cryptocurrency trading app that actually infects users with malware. Researcher Patrick Wardle, creator of OS X security firm Objective-See, reported in a blog post late last week that malicious actors…

Stolen credentials used to access TransUnion Canada’s consumer credit files

A malicious actor used stolen credentials to access a web portal operated by credit reporting agency TransUnion Canada and then used that portal to access consumer files. This week, BleepingComputer posted a report containing scanned images of a disclosure notification that TransUnion Canada has begun mailing out to affected consumers. The notification, dated Sept. 19,…

Criminals’ security lapses enable discovery of Geost mobile banking trojan

Thanks in no small part to the perpetrators’ own sloppy operational security, researchers have uncovered a large Android banking trojan scheme that may have impacted hundreds of millions of Russians. Dubbed Geost, the malware is distributed via a malicious cybercriminal botnet operation consisting of 13 command-and-control servers and more than 140 malicious domains, according to…

Tricks of the trade: Mac malware impersonates trading app

Researchers have uncovered two variants of information-stealing Mac malware that impersonates a legitimate stocks and cryptocurrency trading application. The two variants, identified by Trend Micro as Trojan.MacOS.GMERA.A and Trojan.MacOS.GMERA.B, both include a copy of Stockfolio version 1.4.13, along with the malware author’s digital certificate and various malicious components. The first variant’s components include a Mach-O…

Report: Scotiabank exposed source code and credentials on GitHub repositories

For months in some instances, Canadian banking giant Scotiabank reportedly stored highly sensitive digital property on a series of publicly open and accessible GitHub repositories, potentially exposing its internal source code, login credentials and access keys. The financial institution had the repositories “torn down” earlier this week after being alerted to the error, according to…

Software automates fake purchases on compromised credit cards

CFPB probes fake credit card accounts at Bank of America

The Consumer Financial Protection Bureau (CFPB) has been probing of Bank of America (BoA) for allegedly opening customer credit card accounts with authorization a la Wells Fargo. The BoA investigation emerged after the bureau posted documents to its site showing the back and forth regarding turning over emails and other records with the bank’s attorneys,…

Fake VPN and office software websites spread Bolij.2 banking trojan

Cybercriminals recently set up impostor websites for the NordVPN virtual private network service and two office software products, in an attempt to infect visitors with the Win32.Bolij.2 banking trojan, according to researchers. Launched on Aug. 8, the fake NordVPN site, nord-vpn[.]club, has already drawn thousands of visitors so far this month, Dr.Web reports in an…

European Central Bank confirms BIRD site hacked, contact info stolen

Unauthorized third parties hacked European Central Bank (ECB) Banks’ Integrated Reporting Dictionary (BIRD) website, nicking email and other contact information on 481 subscribers and prompting the bank to shut down the website indefinitely. “The breach succeeded in injecting malware onto the external server to aid phishing activities,” the ECB said in a release, adding that…

Next post in Security News