Banking

€13 million Maltese bank cyber-heist – six men arrested in UK

The UK’s National Crime Agency (NCA) have arrested a total of six men as part of an investigation into the hack of a Maltese bank in February 2019.

Smashing Security #159: Rap, robbery, and IoT holiday hell

A rapping bank worker is accused of stealing from the vault, the devices that can hide your car’s true mileage, and why it may be a case of “No No No” rather than “Ho Ho Ho” when it comes to IoT toys this Christmas.

And as Carole sups the mulled wine, Graham has problems with his internet connection…

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.

European Central Bank confirms website hack and data breach

The European Central Bank (ECB), the central bank of the 19 European countries which have adopted the euro, has shut down a compromised website after it discovered that hackers had planted malware that stole information from newsletter subscribers.

Two weeks after hackers tried to steal 13 million euros, Bank of Valletta goes offline again

The Maltese Bank of Valletta went down two weeks ago as hackers tried to steal 13 million Euros.

And now its systems have gone down again…

bitdefender.com

School district fails to reclaim $120,000 wired by bank to scammer

A school district in Indiana which had $120,000 transferred from its bank account after its email account was hacked, has failed in an attempt to reclaim the cash.

Read more in my article on the Hot for Security blog.

tripwire.com

Hackers steal $13.5 million from Indian bank in global attack

Hackers planted malware on an automated teller machine (ATM) server belonging to an Indian bank as part of a criminal scheme which saw the theft of nearly 944 million rupees (US $13.5 million) in a co-ordinated attack across 28 countries last weekend.

Read more in my article on the Tripwire State of Security blog.

tripwire.com

Hackers siphon hundreds of millions of pesos out of Mexican banks through shadow transactions

A software vulnerability is suspected of being to blame for a hack which saw criminals transfer more than 300 million pesos (over US $15 million) out of Mexican banks.

Read more in my article on the Tripwire State of Security blog.

This Android malware redirects calls you make to your bank to go to scammers instead

Once installed the malware will intercept mobile calls you attempt to make to your bank, and instead direct them to a scammer.

tripwire.com

Hackers steal $60 million from Taiwanese bank using bespoke malware

A hacking gang abused the SWIFT banking network to steal $60 million after planting malware on a Taiwanese bank’s servers.

Read more in my article on the Tripwire State of Security blog.

Banking trojan campaign uses commercial packers to target Brazilian users

A banking trojan campaign is using commercial packing platforms to evade analysis and thereby successfully infect unsuspecting users.

David Bisson reports.

Publication of NukeBot trojan’s source code leads to new ‘operational’ samples

New “operational” samples of the NukeBot banking trojan have emerged months after its original creator published its source code.

David Bisson reports.

Malware installs Signal as part of scheme to steal Mac users’ banking credentials

The new OSX/Dok Mac malware is mysteriously pushing the Signal private-messaging app onto victims’ mobile devices as part of a scheme to steal their banking credentials.

David Bisson reports.

Europol busts 27 burglars for Black box-based ATM logic attacks

Europol has arrested 27 members of an international conspiracy that sought to commit ATM “Black box” attacks across Europe and parts of Scandinavia.

David Bisson reports.

Bank robbers exploited SS7 weaknesses to drain 2SV-protected accounts

A group of thieves exploited weaknesses in Signaling System 7 (SS7) to drain users’ bank accounts, including those protected by two-step verification (2SV).

David Bisson reports.

Smashing Security #009: False flags and hacker clues

The Lazarus malware attempts to trick you into believing it was written by Russians, second-hand connected cars may be easier to steal, and is your child a malicious hacker?

All this and more is discussed in the latest podcast by computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault.

Oh, and Carole gets Graham and Vanja to apologise for mistakes of their past…

Lazarus mob possibly behind malware attacks against Polish banks

A hacking gang known as the Lazarus Group might be responsible for malware attacks that have targeted Polish banks and other financial organizations.

David Bisson reports.