Finance | SC Media

Finance

Ukrainian nationals charged with hacking SEC docs in $4.1 million scam

The Department of Justice has charged two Ukrainian nationals with hacking into the Securities and Exchange Commission’s (SEC) computer system to steal confidential corporate information and sell it to the highest bidder or to make trades. Artem Radchenko and Oleksandr Ieremenko were charged in the United States District Court for the District of New Jersey with securities fraud…

‘Sharpshooter’ cyberespionage campaign scopes out defense, critical infrastructure sectors

A global phishing campaign called Operation Sharpshooter was discovered using fake job recruitment documents to infect defense, government and critical infrastructure organizations with a malicious backdoor implant, presumably for cyber espionage purposes. The implant, nicknamed Rising Sun, was observed in at least 87 impacted organizations over the course of October and November, McAfee Labs reported today…

DanaBot banking trojan adds sly spam feature, distributes GootKit malware

The DanaBot banking trojan is branching out into new territories, adding email address harvesting and spam distribution to its bag of tricks, while apparently partnering with the actors behind GootKit, another banking malware program. In a company blog post today, researchers at ESET said they observed DanaBot’s sudden evolution while investigating a September 2018 campaign that…

Bitcoin scammers impersonate Elon Musk, hack Target’s Twitter account

Scammers impersonating Elon Musk managed to hack the verified Twitter accounts of Target and several others in a cryptocurrency fraud scheme promising huge Bitcoin giveaways Tuesday morning. Hackers were briefly able to get ahold of the Target Twitter page for about a half hour when they used the big-box retailer’s account to promote “the biggest crypto-giveaway…

Lazarus FASTCash ATM attack details discovered

Symantec researchers have uncovered several crucial details behind how the cybergang Lazarus (AKA Hidden Cobra) has successfully conducted dozens of ATM hacks resulting in the machines literally spewing money out on the group’s command. What was already known is that the bank robbers inject a malicious Advanced Interactive eXecutive (AIX) executable into a running, legitimate…

StatCounter platform compromised to infect gate.io exchange with bitcoin-stealing code

A malicious actor compromised the platform of leading web analytics firm StatCounter in a supply chain attack that targeted the cryptocurrency exchange gate.io with a bitcoin-stealing script. Outside of gate.io, none of the other two million-plus websites using StatCounter’s metrics services appear to have been affected by the malicious JavaScript, even if they downloaded it. That’s because the…

Enigmatic cyber espionage campaign revives source code from old foe APT1

A newly discovered cyber espionage campaign targeting South Korea, the U.S. and Canada features malware that reuses old source code associated with the seemingly dormant or disbanded APT1 threat group. The findings raise the possibility that the reputed Chinese threat actor has resumed operations, especially because its source code was never released to the public, according to…

BankingTrojan

Betabot trojan packed with anti-malware evasion tools

A banking trojan is packing anti-malware evasion techniques and features an exhaustive blacklist of security software. Cybereason researchers have spotted multiple Betabot, aka Neurevt, infections over the past few weeks and have noted the malware has now been packed with features that allow its operators to practically take over a victim’s machine to steal sensitive information,…

FireEye outs APT38 as North Korean cyber bank heist gang

A team of FireEye researchers has detailed the cyber machinations of APT38, a group of North Korea-linked hackers focusing on financial crime and responsible for stealing millions of dollars using highly destructive malware. The team of Nalani Fraser, Jaqueline O’Leary, Vincent Cannon and Frederick Plan said they were able to identify and separate APT38 from…
