Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Spam Bots. Show all posts

Security Breach Impacting 2.5 Million Users Revealed by Mortgage Servicer

 

In October, Lakeview Loan Servicing revealed a significant data breach that went unnoticed for more than a month and exposed the personal details of above 2 million customers. Any incident that leads to unauthorized access to data, applications, networks, or devices is referred to as a security breach. As a result, information is accessed without permission. It usually happens when an invader can get past security measures. 

The breach that was discovered in early December, harmed 2,537,261 borrowers between Oct. 27, 2021, and Dec. 7, 2021, as per the firm. According to public notice The letters, an unauthorized person gained access to the firm's servers and data, including names, addresses, loan information, and Social Security numbers. One of the notices described the occurrence as an "external system breach."

Mortgage servicers receive mortgage payments from homeowners and remit them to investors, tax officials, and insurers via escrow accounts. Investors' assets in mortgaged properties are also protected by servicers, who ensure the homeowners have enough insurance coverage. Customers have lodged eight class-action lawsuits in a Florida federal court since the servicer's revelation in mid-March, alleging Lakeview of breach of fiduciary responsibility, among other things, for failing to preserve personally identifiable information. In a complaint filed on behalf of Jennifer Morrill, a California client, Daniel Rosenthal, an advocate with DBR Law, P.A., said, "This PII was exposed due to Defendant's negligent, reckless, and willful acts and failures and the fails to secure the PII of Plaintiff and Class Members." 

According to Morrill's lawsuit, the sum at risk surpasses $5 million, and the proposed class has more than 100 members. In Morrill's case, a filing on Friday asks that the court cases be consolidated, pending a judge's consent. On Monday, Rosenthal declined to speak on the lawsuit. Lakeview refused to respond to the claims in a statement but said it contacted the proper third parties and people after discovering the incident. "Lakeview, like many other firms, encountered a security incident in 2021," according to the statement. "Steps were taken to contain the problem right once, law enforcement was alerted, and a forensic investigation firm conducted a comprehensive investigation." The operations of Lakeview were not hampered." 

According to a public document with the State Attorney General's Office made by an outside counsel for the firm, the servicer didn't witness a breach in the previous 12 months. Affected consumers received a free year of Kroll free credit and identity theft protection from Lakeview. The news comes amid an increase in fraud risk for mortgage lenders, who are more vulnerable to cyber attacks than other financial institutions. According to a new FundingShield Q1 2022 study, one out of every three transactions involves components of wire or title fraud risk, and wire errors and instances of perpetuated fraud are increased in about 6% of transactions. 

"Keep in mind," warned Ike Suri, chairman, and CEO of FundingShield, a loan and title fraud protection service. "And when it comes to these percentages, we're talking big figures." As per Security experts, the percentage of visitors affected by the Lakeview breach, as well as the volume of information exposed, was substantial. "It's a lot of data which will have repercussions on those people's current business and ongoing relationships, as well as the business itself," Suri said.

The operating assets to a mortgage loan are owned by Lakeview. They work with several Servicing companies to process payments, manage a trust, as well as provide customer support for their current mortgage. 

Users targeted with large number of Spam mails containing Banking Trojan

 
A new massive spam campaign has been spotted by security researchers at AppRiver which sends large amount of spam mails to data centers in an effort to evade Email-filtering engines.

AppRiver's data centers received 10 to 12 times normal traffic.  Even though AppRiver managed to block the spam mails, tremendous volume of traffic caused some of its customers delays in sending and receiving emails.

CyberCriminals are targeting users with large amount of emails with varying premise.  One of the spam mails is targeting Bank of America customers.  A fake alert message pretending to be from Bank of America contains a Bredo malware.

Researchers say the malware is capable of recording the keystrokes and steal financial information.  It has also capabilities to do download additional malware on the victim's machine.  The spam mails reportedly detected only by 11 out of 51 antiviruses.

Another mail analyzed by AppRiver is pretending to be from "VISA/MasterCard" and informs recipients that their account has been blocked due to unusual activity.

Some of the malicious attached files have pointed to Andromeda botnet and some other pointing to Bredo Botnet.  This botnet activity being referred as TidalWave/TidalBotnet by AppRiver.

Dutch Authorities take down C&C servers used by Grum Botnet


Dutch Authorities did a great job by taking down two of the command and control(C&C) servers belong to  the world's largest spam botnet ,Grum. This is not complete victory, as there are still two other C&C servers at work, but researchers are optimistic that the volume of spam will drop as a result.

Last week, FireEye published the details on four C&C servers, actively controlling the Grum botnet.Two of the servers were in the Netherlands, one is in Russia and the other in Panama.

Now, Dutch authorities take down the two Secondary C&C servers located in the Netherlands.  The master CnC servers located in Panama and Russia are still alive.

"These two CnC servers were responsible for pumping spam instructions to their zombies. With these two servers offline, the spam template inside Grum's memory will soon time out and the zombies will try to fetch new instructions but will not able to find them," FireEye’s Atif Mushtaq wrote.

“Ideally this should stop these bots from sending more spam. I am sure the absence of the spam sent by the world's third largest spam botnet will have a significant impact on the global volume.”