Finance | SC Media

Finance

Grab-and-go Baldr stealer malware proves popular among thieves

By

A new stealer malware dubbed Baldr has been taking the cybercrime market by storm with its capabilities including user profiling, sensitive data exfiltration, shotgun file grabbing, screencapping, and  network exfiltration. Malwarebytes researchers have been monitoring the malware for the past few months and said it is the work of three threat actors: Agressor handled distribution,…

Upgraded Cardinal RAT malware targets Israeli fintech firms

By

A pair of Israeli financial technology companies were recently the target of a malware campaign featuring an updated version of the rarely seen Cardinal remote access trojan, researchers from Palo Alto Networks’ Unit 42 team are reporting. And in a possibly related incident, one of the two unnamed companies was similarly attacked with EVILNUM, a…

Is PSD2 the next GDPR? Not quite, but…(video)

By

The finance, banking and payment services industries have until September 2019 to comply with PSD2, a revised set of European Union regulations that give consumers more options and safer ways to make payments online. At RSA 2019, Geoff Sanders, director of product at anti-fraud and MFA company iovation (and former co-founder and CEO of iovation…

ghostlyskullmobilemalware_826540

Shifty new variant of Qbot banking trojan spreads

By

An active malware campaign primarily targeting U.S. corporations with a new polymorphic variant of the Qbot banking trojan has been compromising thousands of victims around the world, researchers have reported. The worm-like malware, whose original version is roughly a decade old, allows attackers to collect browsing activity and steal bank account credentials and other financial…

Palisades Park receives $200,000 advance after cyberattack

By

As proof that not all cyberattacks leave victims broke and out of luck, the New Jersey borough of Palisades Park received a $200,000 advancement on its insurance claim this week after a breach at Mariner’s Bank, based in the nearby town of Edgewater, drained nearly half a million dollars from its accounts. Last month, a…

New 'Rombertik' malware destroys master boot record if analysis function detected

Malspam campaign fakes Google reCAPTCHA images to fool victims

By

A recently discovered malspam campaign targeting customers of a Polish bank was found using forgeries of Google reCAPTCHA images to fake legitimacy. The banking malware was delivered via phishing emails that purported to seekin confirmation of a recent banking transaction that in reality never occurred, according to Feb. 21 blog post published week by Sucuri. Recipients…

Wendy’s to pay $50M in data breach settlement

By

Wendy’s has agreed to pay $50 million to settle negligence claims following its 2015-2016 data breach that affected more than 1,000 of the burger chain’s locations. Payment card data was stolen from victims who purchased food at these locations then used fraudulently at other merchants after malware was installed through a third-party vendor. The settlement…

Phishing emails imitate North American banks to infect recipients with TrickBot

By

An spam-based phishing campaign recently targeted North American banking customers with malicious Excel documents designed to infect victims with a new variant of the information-stealing TrickBot banking trojan, researchers reported earlier this week. The scam dates back to at least Jan. 27 and peaked in volume on Jan. 30, according a new blog post from…

Russians targeted in Redaman banking malware operation

By

An ongoing email phishing campaign designed to spread Redaman banking malware aggressively targeted Russian-speakers, especially those with .ru addresses, over the last four months of 2018. Researchers at Palo Alto Networks’ Unit 42 division reported this week in a company blog post that from September through December, its threat intelligence service detected 3,845 email sessions…

Google Play boots fake apps that spy on devices’ motion sensor data before dropping Anubis malware

By

A fake currency converter and a phony battery utility program are among the latest fraudulent apps to be expunged from Google Play, according to researchers who discovered they were infecting users with a version of the Anubis banking malware family. Both fraudulent apps employ a crafty technique to determine whether it is safe for them…

Next post in Security News