Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Bank Hacking. Show all posts
Ukraine-Russia Conflict
Bank Hacking Cyber Attacks data security DDoS DDOS Attacks Russian Cyber Security Ukraine-Russia Conflict

DDoS Attacks Disrupt Major Russian Banks: Ukraine Claims Responsibility

 

Several major Russian banks experienced distributed denial-of-service (DDoS) attacks, disrupting their online services and mobile apps. On Wednesday, local media reported that state-owned VTB Bank was among those affected. The bank informed the state news agency TASS that an attack “planned from abroad” caused disruptions for its clients trying to access online services. 

The Russian Agricultural Bank also reported being targeted by a DDoS attack on Tuesday. However, the bank noted that the impact was minimal due to their implementation of an enhanced system to combat such attacks. Gazprombank, the third-largest private bank in Russia, faced difficulties with its app’s transaction services due to the attack, though the issue was quickly resolved. Other banks, including Alfa Bank, Rosbank, and Post Bank, were also reportedly affected. 

On Wednesday, Ukraine’s military intelligence (HUR) claimed responsibility for the DDoS campaign targeting the Russian banking sector. An anonymous source within HUR, speaking to Ukrainian media, mentioned that the attacks also affected several Russian payment systems and large telecom operators such as Beeline, Megafon, Tele2, and Rostelecom. While this claim has not been independently verified, the HUR official stated that the attack “is still ongoing and far from over.” 

This incident is part of a series of cyberattacks by Ukrainian entities against Russian targets. In October, pro-Ukrainian hackers and Ukraine’s security service (SBU) claimed to have breached Russia’s largest private bank, Alfa-Bank. In January, data allegedly belonging to 30 million Alfa-Bank customers was released by attackers involved in the breach. Earlier this year, the hacker group Blackjack, in cooperation with the SBU, breached a Moscow internet provider in retaliation for a Russian cyberattack on Ukraine’s largest telecom company, Kyivstar. 

While not all reports from Ukrainian hackers or intelligence officials can be independently verified, the recent DDoS attacks on Russian banks had noticeable consequences, despite Russian claims of minimal impact. DDoS attacks are generally easier to mitigate, but this campaign stands out for its broad impact on multiple financial institutions and service providers. The ongoing cyber warfare between Ukraine and Russia underscores the escalating digital conflict between the two nations. Both sides have been leveraging cyber capabilities to disrupt each other’s critical infrastructure. 

The recent attacks highlight the necessity for robust cybersecurity measures and swift response strategies to minimize the impact on essential services and ensure the security of digital transactions. As cyber threats evolve, both nations will likely continue to enhance their defenses to protect against such incursions.
Read more »
Hacker attack
Bank Data Bank Hacking Credit Card hack Cyber Attacks Cyberhacking data security Hacker attack

Hacker Subscription Service Exposes 600,000 Bank Card Details

 

A disturbing new hacker subscription service has emerged, offering access to 600,000 stolen bank card details for a fee of just £120. This service, identified by cybersecurity researchers from Flare, is named “Breaking Security” and allows its subscribers to exploit stolen bank card information for various illicit activities, including unauthorized transactions and identity theft. 

The service provides subscribers with detailed information about the compromised cards, including card numbers, expiration dates, and CVV codes. This data enables hackers to make online purchases or even clone the cards for physical transactions. The subscription service’s affordability and extensive database make it particularly dangerous, as it lowers the barrier for individuals seeking to engage in cybercrime. Flare’s researchers have highlighted the significant threat posed by Breaking Security, noting that such services are part of a growing trend in the cybercrime industry. These services make it easier for less technically skilled individuals to access sophisticated tools and data, leading to a rise in cybercrimes. 

The availability of such a service underscores the evolving nature of cyber threats and the increasing sophistication of criminal networks. Authorities are currently investigating Breaking Security to identify and apprehend the perpetrators behind the service. Law enforcement agencies are working to mitigate the impact on the affected individuals and prevent further exploitation of the stolen card data. The investigation is focused on tracking down the source of the data breach and the infrastructure supporting the subscription service. This incident highlights the critical importance of robust cybersecurity measures for both individuals and organizations. 

For individuals, it is crucial to regularly monitor bank statements for unauthorized transactions and to use security features such as two-factor authentication wherever possible. Organizations, on the other hand, must invest in comprehensive security solutions to protect sensitive data and detect breaches promptly. The emergence of Breaking Security also points to a broader issue within the cybercrime ecosystem. As long as there is a market for stolen data, cybercriminals will continue to find innovative ways to monetize their activities. 

This calls for a coordinated effort between law enforcement, cybersecurity experts, and financial institutions to dismantle such operations and safeguard against future threats. In conclusion, the discovery of the Breaking Security subscription service represents a significant threat to financial security and privacy. The service’s ability to provide extensive access to stolen bank card details for a relatively low cost is alarming. It underscores the need for enhanced vigilance and proactive measures to combat the growing menace of cybercrime. 

As investigations continue, it is essential for individuals and organizations to remain vigilant and take necessary steps to protect themselves from such sophisticated threats.
Read more »
QR code
Bank Hacking cyber attack Cyber Security malware Phishing Attack Privacy QR code

Here's How To Steer Clear Of QR Code Hacking

 



QR codes, present for years and widely embraced during COVID-19, offer great benefits. Yet, cybercriminals exploit them, creating malicious QR codes to unlawfully access your personal and financial data. These tampered codes pose a threat, potentially leading to unauthorised access, financial loss, and malware on your smartphone. 

Used extensively for contactless payments, paperless menus, and quick information access, QR codes are embedded in modern phone systems. Scanning a code takes seconds, but the ease of tampering has led to a surge in QR phishing attacks. Stay vigilant against potential threats when using QR codes to protect your digital safety. 

Let's see how it works 

QR code hacking is surprisingly uncomplicated, thanks to the abundance of generator tools available. In just a couple of minutes, scammers can create fake QR codes that mimic authentic ones found in public spaces. The challenge lies in the fact that the human eye struggles to distinguish between a genuine and a malicious QR code. Exploiting this, scammers trick users into scanning their fraudulent codes, leading them to malicious websites. 

Once a user scans the tampered QR code, the potential for harm escalates. Cybercriminals often replace legitimate QR codes in public areas, like cafes or parking lots, with their malicious counterparts. The ultimate goal is to gain access to personal information, and financial details, or even compromise the security of the user's device. These deceptive QR codes might redirect users to payment sites, unauthorised social media profiles, or initiate actions such as sending emails without consent, all of which can result in the theft of login credentials and damage to one's reputation. Staying alert and recognizing warning signs before interacting with unfamiliar QR codes is crucial to avoid falling victim to these scams. 

Let's explore practical measures to strengthen our protective measures. 

 1. Public Vigilance: 

Stay alert in public spaces, refraining from scanning QR codes where tampering is more likely. Be watchful for deceptive stickers replacing genuine codes. 

 2. URL Scrutiny: 

Before proceeding, meticulously inspect the URL revealed by the QR code. Shortened URLs should trigger heightened caution, prompting a thorough review. 

 3. Language Alerts: 

Keep an eye out for grammatical errors and poor English when interacting with QR codes. Scammers often neglect language quality on fraudulent websites. 

 4. Package Precaution: 

Exercise caution when scanning QR codes on unexpected packages. Confirm orders through official channels to avoid potential scams. 

 5. Crypto-Smart Practices: 

Approach QR codes linked to cryptocurrency transactions with scepticism. Verify such communications through official channels to safeguard personal information. 

 6. App Awareness: 

Say no to downloading apps from QR codes, particularly if not from official stores. Stick to Google Play or the App Store to ensure app legitimacy and preserve your device's security. 


 Stay Alert to the Surge in QR Code Scams

As QR code scams proliferate, be on high alert for potential threats. If you fall victim to one of these hacks, take immediate action. Change your account passwords, notify your bank of the incident, and bolster your security with two-factor authentication (2FA) for crucial services like Google and Microsoft. Safeguard your sensitive information by utilising a reliable password manager to deter prying eyes.

Read more »
Russia-Ukraine War
Anonymous Bank Hacking Cyber Attacks cybercriminals Russia-Ukraine War

Anonymous Plan to Release 35,000 Documents, Targeting Russia's Central Bank

 

Hackers stole $31 million ($2 billion) from Russian Central Bank client accounts, but officials were able to recover $26 million ($1.66 billion) of the assets, according to the bank in a report issued, originally reported by Reuters.

On Thursday, a Twitter account linked to the hacker-activist organization Anonymous claimed Russia's central bank had been hacked and that 35,000 files on "secret deals" will be revealed within 48 hours. 

The report does not say how Russian Central Bank officials detected the breach, but they did so in time to freeze some of the funds while they were being transferred between bank accounts to avoid being traced. 

Anonymous is a loosely organized organization of hackers from all over the world which has been active since at least 2008 when it targeted the Church of Scientology. It then shifted to 'hacktivism,' in which it targeted governments and corporations over key concerns. Members are known to wear Guy Fawkes masks and conceal one's voices with voice changers or text-to-speech tools. 

The gang does not appear to have a clearly defined hierarchy or set of regulations, making it difficult to credit cyber operations effectively. Since before the Russian invasion, Ukraine's government, army, and banks had been subjected to Russian-sponsored cyber attacks. Mykhailo Fedorov, Ukraine's Minister of Digital Transformation, told the press the main purpose of these attacks is to destabilize the country, stir panic, and create anarchy. 

The incident is similar to one that occurred earlier this year when hackers attempted to steal over $1 billion from the Bangladesh Central Bank but only succeeded in stealing $81 million. The majority of the funds were sent to Philippine casinos. The Bangladesh Central Bank has so far been able to retrieve $18 million in stolen funds. 

The study by the Russian Central Bank came on the same day the FSB (Federal Security Service) issued a warning about foreign intelligence services may try to destabilize Russia's financial system by spreading rumors of a false crisis, fake news about bank collapses, SMS alerts, and cyber-attacks. 

The FSB claimed its agents discovered servers held by a Ukrainian web hosting company in the Netherlands which were supposed to be utilized in the alleged campaign. Officials from the FSB said they were prepared to take any steps necessary to fight the danger.
Read more »
Ukraine Websites
Bank Hacking Cyber Attacks DDOS Attacks GRU Mirai botnet Russian Hacker UK Ukraine Websites

DDoS Assaults on Ukrainian Banking Elite has Resumed Yet Again


Cyberattacks took down Ukrainian official and bank websites, prompting the government to declare a statewide state of emergency amid growing fears that Russian President Vladimir Putin could launch a full-scale military invasion of Ukraine. The websites of Privatbank (Ukraine's largest bank) and Oschadbank (the State Savings Bank) were also blasted in the onslaught and brought down Ukrainian government sites as well, according to Internet monitor NetBlocks. 

"At around 4 p.m., another massive DDoS attack on the state commenced. We have relevant data from several banks," stated Mykhailo Fedorov, Minister of Digital Transformation, who also mentioned the parliament website had been hacked. Hackers were prepared to conduct big attacks on government organizations, banks, and the defense sector, as Ukrainian authorities said earlier this week. 

SSSCIP and other national cybersecurity authorities in Ukraine are currently "working on countering the assaults, gathering and evaluating information." According to the Computer Emergency Response Team of Ukraine (CERT-UA), the attackers used DDoS-as-a-Service platforms and numerous bot networks, including Mirai and Meris, to carry out the DDoS attacks on February 15th. The DDoS attacks were traced to Russia's Main Directorate of the General Staff of the Armed Forces on the same day, according to the White House. 

"We have technical information indicating ties the Russian main intelligence directorate, or GRU," Deputy National Security Advisor for Cyber Anne Neuberger stated. "Known GRU infrastructure was spotted delivering huge volumes of communication to Ukraine-based IP addresses and domains." 

Neuberger went on to say as, despite the "limited impact," the strikes can be considered as "setting the framework" for more disruptive attacks, which could coincide with a possible invasion of Ukraine's territory. 

The UK government also blamed Russian GRU hackers for the DDoS strikes last week which targeted Ukrainian military and state-owned bank websites. Following a press release from Ukraine's Security Service (SSU), which also had its website hacked, the country was attacked by a "huge wave of hybrid warfare." The SSU announced earlier this month so, during January 2022, it stopped over 120 cyberattacks aimed at Ukrainian governmental entities.
Read more »
User Security
Bank Hacking Cyber Attacks User Privacy User Security

Cyberattack Disrupts the Services of National Bank of Pakistan

 

The National Bank of Pakistan (NBP) suffered a cyberattack last week that disrupted its services for three days. Hackers targeted a section of the computer system at the National Bank used for controlling the bank’s ATM network and mobile apps.

Arif Usman, NBP President confirmed the cyber-attack in which the attackers failed to gain access to the NBP’s main servers, though they did take control of some of the computers running Microsoft’s software. 

While the attack disrupted some of the systems, no funds were reported missing, according to the bank and people familiar with the attack and the current investigation.

"In the late hours of the October 29 and early morning of October 30, a cyberattack on the NBP's servers was detected which impacted some of its servers. Immediate steps were taken to isolate the affected systems. NBP’s teams supported by top specialists worked over the last 48 hours to resolve the issue,” the bank said in a statement stated. 

Due to inaccurate reporting by local news outlets, some scared customers rushed to ATMs to withdraw funds on Monday morning. The Pakistani government had to step in and issue a statement in order to calm spirits and prevent a run on all Pakistani banks. 

Pakistani security researcher Rafay Baloch shared a screenshot on Twitter earlier today claiming to portray one of the affected NBP systems. The screenshot showed a Windows computer failing to start due to a missing boot configuration file error.

Fortunately, more than 1,000 branches are opened and are working smoothly catered, the bank said in a statement on Monday. Additionally, all ATMs nationwide had been fully restored.

Earlier this year, Pakistan’s Federal Board of Revenue (FBR) database also suffered a cyberattack. Minister Shaukat Tarin informed the National Assembly that FBR portals were subjected to 71,000 cyberattacks every month on average. 

“The government needs to develop a framework and risk mitigation guidelines where a minimum level of cyber threat deterrence is maintained by country’s critical infrastructure institutions which include the banks. Pakistan should introduce industry-specific regulatory compliance that requires financial institutions to implement sufficient information security protections,” cyber security expert Haroon Ali stated.
Read more »
Telegram
Bank Bank Hacking Bots Cyber Security OTP OTP Theft Telegram

Analysts Warn of Telegram Powered Bots Stealing Bank OTPs

 

In the past few years, two-factor verification is one of the simplest ways for users to safeguard their accounts. It has now become a major target for threat actors. As per Intel 471, a cybersecurity firm, it has observed a rise in services that allow threat actors to hack OTP (one time password) tokens. Intel 471 saw all these services since June which operate via a Telegram bot or provide assistance to customers via a Telegram channel. Through these assistance channels, users mostly share their feats while using this bot and often walk away thousand dollars from target accounts. 

Recently, threat actors have been providing access to services that call victims, which on the surface, looks like a genuine call from a bank and then fool victims into providing an OTP or other authentication code into a smartphone to steal and give the codes to the provider. Few services also attack other famous financial services or social media platforms, giving SIM swapping and e-mail phishing services. According to experts, a bot known as SMSRanger, is very easy to use. With one slash command, a user can enable various modes and scripts targeted towards banks and payment apps like Google Pay, Apple Pay, PayPal, or a wireless carrier. 

When the victim's phone number has been entered, the rest of the work is carried out by the bot, allowing access to the victim's account that has been attacked. The bot's success rate is around 80%, given the victims respond to the call and provides correct information. BloodOTPBot, a bot similar to SMSRanger sends the user a fake OTP code via message. In this case, the hacker has to spoof the target's phone number and appear like a company or bank agent. After this, the bot tries to get the authentication code with the help of social engineering tricks. 

The bot sends the code to the operator after the target receives the OTP and types it on the phone keyboard. A third bot, known as SMS buster, however, requires more effort from the attacker for retrieving out information. The bot has a feature where it fakes a call to make it look like a real call from a bank, and allows hackers to contact from any phone number. The hacker could follow a script to fake the victim into giving personal details like ATM pin, CVV, and OTP.
Read more »
Vulnerabilities and Exploits
Bank Hacking Bank Security Vulnerabilities and Exploits

Vulnerabilities in bank chatbots allow hackers to steal money

Awillix specialists discovered vulnerabilities in bank chatbots that could allow fraudsters to transfer money without the knowledge of customers. Positive Technologies confirmed the risks. The largest banks reported that they limit the functionality of chatbots in messengers. 

It should be noted that about 10% of Russian banks use chatbots: they can be used in messengers, mobile applications, social networks, on the website and in the contact center.

Alexander Gerasimov, Director of Information Security at Awillix, said that chatbots in messengers, which are used for individual account transactions, may be vulnerable to malicious attacks.

The company's specialists checked the security of chatbots in two Russian credit organizations and found similar logical vulnerabilities. They allow obtaining the number and expiration date of cards, as well as finding out the account balance and cell phone number of the client.

"During the pentests, it was possible to log into the test client's account and perform a money transfer operation," Alexander Gerasimov said.

Maxim Kostikov, head of the banking systems security research group at Positive Technologies, confirmed that chatbots can be subject to various vulnerabilities, which depend on their functionality. For example, security problems can allow you to get customer data, get into their personal accounts in the chatbot, and find out the card balance.

According to him, the most popular scenarios of deception are changing the functionality of the chatbot to collect information about the person who uses it, sending malicious software on behalf of a credit institution, replacing the robot with a fraudster during communication, creating fake chatbots of banks. 

"If a person uses a bank chatbot, which is able to make money transfers in the messenger, two-factor authentication can be configured to log into the application to protect funds," stressed Infosystems Jet expert, adding that there is also a danger in cases when an attacker gained direct access to the victim's device physically or as a result of a malicious attack.

Read more »
Subscribe to: Posts (Atom)