Finance | SC Media

Finance

More Chinese tax software found to dish out backdoor malware

A second tax software program associated with the Chinese banking industry has now been found to contain an embedded backdoor that secretly grants attackers SYSTEM-level privileges. In late June, researchers from Trustwave SpiderLabs reported that accounting software called Intelligence Tax, developed by Chinese information security company Aisino Corporation and distributed to global clients of an…

‘GoldenSpy’ tax software campaign tries to erase evidence of malware

The actors behind a campaign to spread GoldenSpy malware via tax accounting software used by customers of a Chinese bank have recently attempted to distribute an uninstaller that deletes the backdoor in an apparent attempt to cover up their illicit activities. In a previous company blog post and threat report, Trustwave and its SpiderLabs team identified the accounting software…

Tax software used by Chinese bank clients installs GoldenSpy backdoor

A tax software program installed by business clients of an unidentified Chinese bank was trojanized with malware that installs a backdoor granting attackers SYSTEM-level privileges, researchers warn. In a company blog post and more detailed threat report, Trustwave and its SpiderLabs team identified the accounting software as Intelligent Tax, which was reportedly developed by the…

Test platform leaks Bank of America clients’ Covid-19 PPP loan applications

Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP…

RansomPayment

P2P payment apps, users urged to curb COVID-19 advance fee fraud

Fraudsters posing as celebrities, philanthropists and do-gooders offering financial aid to everyday people struggling due to the COVID-19 epidemic are running scams on users of peer-to-peer payment applications such as Cash App and Venmo, but financial service providers and consumers can reduce the risk of becoming victims by implementing a few security measures. Satnam Narang,…

U.S. offers up to $5M for info on North Korean cyber activity

Four U.S. federal agencies on Wednesday jointly issued an advisory that warns of ongoing North Korea-sponsored cyberthreat operations, and offers a reward of up to $5 million for information on such operations. The communication, issued by the State Department, the Department of Homeland Security, the Treasury Department and the FBI, details the Democratic People’s Republic…

Brazilian 'bolware' gang targeted $3.75B in transactions, RSA finds

COVID-19 phishing campaigns reel in victims with stimulus fund lures

Email-based phishing schemes continue to trick victims with promises of coronavirus information, cures and vaccines, but now some fraudsters are also sending their targets lures related to the U.S. government-approved stimulus checks promised to most Americans. The latest evidence of this is a new report, authored by Abnormal Security, which details a scheme to impersonate…

Next post in Security News