Finance | SC Media

Finance

Brazilian 'bolware' gang targeted $3.75B in transactions, RSA finds

COVID-19 phishing campaigns reel in victims with stimulus fund lures

Email-based phishing schemes continue to trick victims with promises of coronavirus information, cures and vaccines, but now some fraudsters are also sending their targets lures related to the U.S. government-approved stimulus checks promised to most Americans. The latest evidence of this is a new report, authored by Abnormal Security, which details a scheme to impersonate…

U.S. indicts four Chinese military members over Equifax breach

The U.S. Department of Justice has charged four members of the Chinese People’s Liberation Army with nine criminal counts, accusing them of orchestrating and carrying out the 2017 hack of credit reporting agency Equifax. An indictment returned by a federal grand jury in Atlanta and unveiled today by the DOJ alleges that Beijing residents Wu…

Travelex recovering from ransomware, but more firms at risk of VPN exploit

Beleaguered foreign currency exchange company Travelex confirmed on Friday that the first of its U.K.-based customer-facing systems were back up and running after the New Year’s Eve discovery of Sodinokibi ransomware on its network prompted a shutdown of key systems. Meanwhile, a worrisome report revealed that dozens of major U.S. organizations and businesses have also failed…

Aussie P&N bank suffers data breach

The Australian P&N Bank reported a data breach that exposed detailed and sensitive financial information on an unspecified number of customers. Access was gained on December 12 to the bank’s customer relationship management system, which is operated by a third-party hosting firm, was undergoing an upgrade. Details on how it was accessed were not revealed,…

Locky Ransomware

Sodinokibi ransomware ID’d as cause of Travelex business disruptions

The malware that has disrupted foreign exchange finance company Travelex’s ability to conduct digital transactions since New Year’s Eve has been identified as Sodinokibi ransomware. The malicious encryption software, which operates on a Ransomware-as-a-Service model, may have been delivered via unpatched, vulnerable Pulse Secure VPN servers and it is believed that the attackers are now…

Travelex sidelines online financial services following malware discovery

Foreign exchange financials company Travelex has suspended its UK-based digital services offline since New Year’s Eve, following the discovery of an undisclosed malware program. As of Jan. 3 at 11:30 a.m. ET, the London-based company remains unable to conduct monetary transactions via its website or app. Services are still being conducted manually, however. “We have…

Three GozNym members sentenced domestically, internationally

A three-year-old investigation and prosecution of cybercriminals aligned with the multinational GozNym network resulted last week in the sentencing of a Bulgaria resident in a Pittsburgh federal court. In a related action, a Tbilisi, Georgia court handed down prison sentences of seven and nine years to two Georgian members of the group, following a lengthy trial. In…

Rising sea and spam levels? Emotet campaign uses Greta Thunberg as lure

An Emotet banking trojan phishing campaign was spotted using the name of activist Greta Thunberg as a lure to target individuals concerned with climate change. The attackers behind the campaign recently sent out fake invitations to a nonexistent “climate crisis” demonstration supposedly led by the young Swedish activist, who was named Time’s 2019 Person of…

Phishing operation picking on Canadian banks since at least 2017

Researchers recently discovered a large-scale phishing email operation that has been targeting primarily customers of Canadian banking chains since at least 2017. The emails generally attempt to trick recipients into revealing their credentials on a phishing page that utilizes a lookalike domain and impersonates a log-in screen. Researchers with Check Point Software Technologies uncovered the…

U.S. charges alleged members of “Evil Corp” cybercrime group for Zeus and Dridex campaigns

The U.S. today announced legal and regulatory action against the powerhouse cybercriminal group Evil Corp, filing hacking and bank fraud charges against two of its suspected members. Authorities are also offering a $5 million bounty for information leading to the arrest or conviction of one of the group’s alleged masterminds, 32-year-old Maksim Yakubets of Moscow,…

Next post in Cybercrime