Banking and Cybercrime - Cyber Security Informer

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work com and rdp[.]monster;

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

China-based SMS Phishing Triad Pivots to Banks

Krebs on Security

APRIL 10, 2025

But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff. The site will then complain that the visitor’s bank needs to “verify” the transaction by sending a one-time code via SMS.

Phishing

Phishing Banking Mobile Retail

Cybercrime Rapper Sues Bank over Fraud Investigation

Krebs on Security

AUGUST 7, 2024

In January, KrebsOnSecurity wrote about rapper Punchmade Dev , whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. PNC Bank did not respond to a request for comment.

Banking

Banking Cybercrime Accountability Retail

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Russian authorities arrest three suspects behind Mamont Android banking trojan

Security Affairs

MARCH 28, 2025

Russian authorities arrested three suspects for developing Mamont, a newly identified Android banking trojan. Russian authorities arrested three suspects in Saratov for developing Mamont (Russian for mammoth), a recently discovered Android banking trojan. Mamont can also spread to contacts in the victims messenger app.

Banking

Banking Computers and Electronics Mobile Malware

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. However, it did reference many of the same banks called out as Finastra customers in the Nov.

Data breaches

Data breaches Banking Cybercrime Advertising

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking

Banking Government Accountability Hacking

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. The company has disabled public access to the site while we continue the investigation.

Cybercrime

Cybercrime Data breaches Technology Banking

New version of Android malware FakeCall redirects bank calls to scammers

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. The malware allows operators to steal bank users’ sensitive information and money from their bank accounts. ” reads the report published by Zimperium.

Banking

Banking Malware Accountability Phishing

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy.

Banking

Banking Malware Accountability Authentication

How Does One Get Hired by a Top Cybercrime Gang?

Krebs on Security

JUNE 15, 2021

This post explores answers to those questions, as well as some of the ways Trickbot and other organized cybercrime gangs gradually recruit, groom and trust new programmers. Alla Witte’s personal website — allawitte[.]nl nl — circa October 2018. 6 in Miami, Fla. Image: DOJ.

Cybercrime

Cybercrime Ransomware Passwords Banking

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Security Affairs

FEBRUARY 4, 2025

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Then the malware starts monitoring the active window.

Banking

Banking Malware Antivirus Cyber threats

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. Launched in 2001 under the tagline “Network terrorism,” Mazafaka would evolve into one of the most guarded Russian-language cybercrime communities. Mark Rasch , a former cybercrime prosecutor for the U.S. As well as the cost of my services.”

Cybercrime

Cybercrime Accountability Identity Theft Hacking

The Risk of Weak Online Banking Passwords

Krebs on Security

AUGUST 5, 2019

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Banking

Banking Passwords Risk Accountability

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. Madory said Kaspersky’s network appears to be hosting several financial institutions , including Russia’s largest — Alfa-Bank.

Malware

Malware Antivirus Software DDOS

California Cryobank, the largest US sperm bank, disclosed a data breach

Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. California Cryobank (CCB) is the largest sperm bank in the U.S., providing frozen donor sperm and reproductive services, including egg and embryo storage.

Data breaches

Data breaches Banking Insurance Hacking

Beyond Keylogging: HookBot’s Advanced Techniques for Data Theft

Penetration Testing

NOVEMBER 4, 2024

Netcraft’s latest research details HookBot, a sophisticated Android-based banking Trojan that’s steadily advancing its footprint in the cybercrime world.

Cybercrime

Cybercrime Banking Cybersecurity Penetration Testing

Crooks are reviving the Grandoreiro banking trojan

Security Affairs

MARCH 28, 2025

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns.

Banking

Banking Phishing Malware Passwords

The Silent Breach: How E-Waste Fuels Cybercrime

SecureWorld News

MARCH 27, 2025

In today's digital world, cybercrime is a threat to our private data and security. And with Americans owning an average of 24 electronic items in their homes , neglecting to dispose of these items correctly is putting individuals at significant risk of cybercrime. What is cybercrime?

Cybercrime

Cybercrime Computers and Electronics Passwords Hacking

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. And get the latest on ransomware trends and on cybercrime legislation and prevention! Thats a key takeaway from Cybercrime: A Multifaceted National Security Threat, a report releaesd this week by Googles Threat Intelligence Group.

Banking

Banking Cybercrime Cybersecurity Ransomware

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

MARCH 29, 2025

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. ” ThreatFabric concludes.

Banking

Banking Mobile Identity Theft Malware

Billion Dollar CyberSecurity Annual Budgets Have Arrived

Joseph Steinberg

JUNE 15, 2021

Major American banks and various other parties serving them are each spending $1 Billion per year on cybersecurity, according to Bank of America’s CEO, Brian Moynihan.

Cybersecurity

Cybersecurity Artificial Intelligence Banking Insurance

Would You Have Fallen for This Phone Scam?

Krebs on Security

APRIL 28, 2020

But you probably didn’t know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account — data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.

Scams

Scams Banking Accountability Financial Services

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.

DDOS

DDOS Government Internet Internet

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. Bank customers. Bank customers.

Malware

Malware Banking Phishing DDOS

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “I cannot 100% guarantee every order will go through,” Pwnstar explained. ” An ad from Pwnstar for fake EDR services.

Hacking

Hacking Accountability Government Social Engineering

Grandoreiro Banking Trojan is back and targets banks worldwide

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. The banking Trojan is likely operated as a Malware-as-a-Service (MaaS).

Banking

Banking Malware Antivirus Accountability

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. “No passwords” , “no bank cards” , “no content of communications (emails, SMS, voice messages, etc.)” The company is the second-largest ISP in France with over 22.9

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation.

Data breaches

Data breaches Banking Cybercrime Marketing

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website. Washington, D.C. ”

Banking

Banking Government Information Security Authentication

New Android banking trojan Octo2 targets European banks

Security Affairs

SEPTEMBER 24, 2024

A new version of the Android banking trojan Octo, called Octo2, supports improved features that allow to takeover infected devices. ThreatFabric researchers discovered a new version of the Android banking trojan Octo, called Octo2, that supports more advanced remote action capabilities needed for Device Takeover attacks.

Banking

Banking Mobile Malware Social Engineering

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. Cloud Router was previously called 911 S5.

VPN

VPN Government Cybercrime Internet

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Monitor financial accounts : Check bank statements and report any suspicious transactions promptly. The following authorities participated in the Operation Magnus.

Identity Theft

Identity Theft Passwords Malware Banking

FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers

Krebs on Security

APRIL 4, 2023

Several domain names tied to Genesis Market , a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. ” a cybercrime forum ad for Genesis enthused.

Marketing

Marketing Passwords Cybercrime Banking

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

Krebs on Security

APRIL 10, 2020

Most who are eligible for payments can expect to have funds direct-deposited into the same bank accounts listed on previous years’ tax filings sometime next week. Today, the Internal Revenue Service (IRS) stood up a site to collect bank account information from the many Americans who don’t usually file a tax return.

Computers and Electronics

Computers and Electronics Banking Accountability Scams

Arrest in ‘Ransom Your Employer’ Email Scheme

Krebs on Security

NOVEMBER 22, 2021

Mr. Krebson also heard from an investigator representing the Nigeria Finance CERT on behalf of the Central Bank Of Nigeria. billion in losses tied to cybercrime in 2020, and BEC fraud and romance scams alone accounted for nearly 60 percent of those losses. Krebson is a clout-chasing monger. Source: FBI/IC3 2020 Internet Crime Report.

Scams

Scams Cybercrime Banking Identity Theft

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. Don’t put them on hold while you call your bank; the scammers can get around that, too. Just hang up.

Passwords

Passwords Mobile Authentication Banking

Evolve Bank data breach impacted over 7.6 million individuals

Security Affairs

JULY 9, 2024

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” million individuals.

Data breaches

Data breaches Banking Retail Ransomware

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. Punchmade Dev’s shop.

Cybercrime

Cybercrime Media Banking Accountability

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

billion from banks and other victims worldwide. Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 Investigators with the DOJ, U.S. The group is thought to be responsible for the attempted theft of approximately $1.2

Cryptocurrency

Cryptocurrency Financial Services Banking Government

Flagstar Bank suffered a data breach once again

Security Affairs

OCTOBER 9, 2023

Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that their personal information was exposed after threat actors breached the third-party service provider Fiserv. million customers of Flagstar.

Data breaches

Data breaches Banking Hacking Mobile

Russians Shut Down Huge Card Fraud Ring

Krebs on Security

MARCH 26, 2020

“Our continuous monitoring of underground activity revealed despite the conviction, Flint24 never left the cybercrime scene,” reads an analysis penned by Intel 471. Intel 471 says Selivanon also was charged along with Stroganov in this past week’s law enforcement action.

Cybercrime

Cybercrime Retail Banking Insurance

New sophisticate malware SuperCard X targets Androids via NFC relay attacks

Security Affairs

APRIL 21, 2025

The fraud campaign starts with fake bank alerts via SMS or WhatsApp, luring victims to call attackers. Since victims often do not recall their PIN immediately, the attackers guide them through their mobile banking application to retrieve this sensitive information.” ” reads the report published by Cleafy.

Malware

Malware Social Engineering Banking Engineering

Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

Security Affairs

JUNE 4, 2024

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. “Currently, it is estimated that hundreds of cybercriminals are using this kit to commit fraud, leaving victims with empty bank accounts. . ” reads the report published Resecurity.

Banking

Banking Phishing Social Engineering Engineering

How Cryptocurrency Turns to Cash in Russian Banks

China-based SMS Phishing Triad Pivots to Banks

Webinars

Trending Sources

Cybercrime Rapper Sues Bank over Fraud Investigation

Webinars

Russian authorities arrest three suspects behind Mamont Android banking trojan

Fintech Giant Finastra Investigating Data Breach

Hackers stole millions of dollars from Uganda Central Bank

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

New version of Android malware FakeCall redirects bank calls to scammers

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

How Does One Get Hired by a Top Cybercrime Gang?

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

From Cybercrime Saul Goodman to the Russian GRU

The Risk of Weak Online Banking Passwords

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

California Cryobank, the largest US sperm bank, disclosed a data breach

Beyond Keylogging: HookBot’s Advanced Techniques for Data Theft

Crooks are reviving the Grandoreiro banking trojan

The Silent Breach: How E-Waste Fuels Cybercrime

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Billion Dollar CyberSecurity Annual Budgets Have Arrived

Would You Have Fallen for This Phone Scam?

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Disneyland Malware Team: It’s a Puny World After All

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Grandoreiro Banking Trojan is back and targets banks worldwide

France’s second-largest telecoms provider Free suffered a cyber attack

When Efforts to Contain a Data Breach Backfire

Many Public Salesforce Sites are Leaking Private Data

New Android banking trojan Octo2 targets European banks

Is Your Computer Part of ‘The Largest Botnet Ever?’

International law enforcement operation dismantled RedLine and Meta infostealers

FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

Arrest in ‘Ransom Your Employer’ Email Scheme

The Rise of One-Time Password Interception Bots

Evolve Bank data breach impacted over 7.6 million individuals

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

U.S. Indicts North Korean Hackers in Theft of $200 Million

Flagstar Bank suffered a data breach once again

Russians Shut Down Huge Card Fraud Ring

New sophisticate malware SuperCard X targets Androids via NFC relay attacks

Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

Stay Connected