23 September 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

FinServ Cyber
The New ZLoader Variant Targets Banking Customers
Cyware – Sep 22 2021 09:16
A new ZLoader campaign has been discovered employing a stealthier distribution mechanism to target Australian and German banking customers. It uses signed droppers with lower rates of detection. What has happened According to a recent report from…

Sophos Survey Shows Asia Pacific and Japan Financial Services Organisations Hit Hard by Ransomware
Cyber Security Asean – Sep 21 2021 07:55
Sophos, a global leader in next-generation cybersecurity, announced findings from its survey report, “The State of Ransomware in Financial Services 2021,” that show how mid-sized financial services organisations in Asia Pacific and Japan (APJ) spent…

European police arrested 106 alleged members of Italian Mafia gangs, including hackers who were doing SIM swapping, phishing, and hacking bank accounts. The alleged criminals employed hackers “specialized in phishing, vishing, and social engineering.”
lorenzoFB – Twitter – Sep 20 2021 14:20

Financial Services: The Top Tools and Tactics Used to Execute Phishing Attacks
PhishLabs – Sep 21 2021 19:50
In this post, we take a look at the tools and infrastructure used by threat actors to target financial services.

ISMG Editors’ Panel: Cyber Insurers and Ransomware Response
CareersInfoSecurity.eu – Sep 22 2021 08:52
Also: When Bug Bounty Programs Go Bad; In Hot Pursuit of Automotive Loan Fraud In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the role of cyber insurers in supporting…

Michigan medical center pays hackers’ ransom to unlock patients’ financial files
Seclists.org – Data Loss – Sep 21 2021 16:27
Posted by Sophia Kingsbury on Sep 21 hxxps://www[.]beckershospitalreview[.]com/cybersecurity/michigan-medical-center-pays-hackers-ransom-to-unlock-patients-financial-files.html Carleton-based Family Medical Center of Michigan began notifying patients

Biden administration to issue sanctions to counter ransomware payments
SecurityMagazine.com – Sep 21 2021 16:00
The Biden administration is allegedly preparing to sanction financial exchanges that facilitate illicit digital payments to cybercriminals. How will this new initiative impact businesses?

Biden administration sanctions cryptocurrency market to fight ransomware
The Washington Times stories: News – Sep 21 2021 16:11
The Biden administration cracked down on a cryptocurrency exchange on Tuesday to disrupt ransomware attackers using digital payments to facilitate the cyberattacks on America’s critical infrastructure. The Treasury Department announced sanctions…

OFAC Again Says Beware of Sanctions When Making Ransomware Payments and Designates Virtual Currency Exchange as Malicious Cyber Actor
Privacy & Information Security Law Blog – Sep 22 2021 13:51
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments (the “Updated Advisory”) on the sanctions risks…

Kaspersky: Use of New QakBot Banking Trojan that Steals Emails Up 65%
KnowBe4 – Blog – Sep 21 2021 19:57
Representing a new evolution of banking trojan, QakBot proves to be a formidable adversary against security defenses with its ability to steal emails – your users.

Numando Banking Trojan Abuses YouTube, Pastebin and other Public Platforms
CISOMAG / ITSecurity.Org – Sep 22 2021 13:30
ESET Research spotted a banking Trojan Numando, as part of a series on Malware in Latin America. Numando, like its other malware families, uses fake overlay windows, backdoor functionality, and abuse of public services such as YouTube…

Looks like Dridex moved away from Slack and are exclusively distributing their malware payload through Discord again today 🪲 I’m wondering how @SlackHQ got rid of Dridex within days but @discord fails to battle the threat for several months now 🤔 👉
abuse_ch – Twitter – Sep 20 2021 18:42

A New Dridex Variant Wraps Itself in Import Tariff Scheme | Cyware Alerts – Hacker News
Secnewsbytes – Twitter – Sep 21 2021 12:21
hxxps://cyware[.]com/news/a-new-dridex-variant-wraps-itself-in-import-tariff-scheme-246bd99b

Ghimob, TwMobo & BRata are here to stay and ready to expand worldwide, stealing your ‘mobile money’ – is the security industry prepared to stop them? ask @assolini and Fabio Marenghi at VB2021 #vblocalhost. Register now for free
virusbtn – Twitter – Sep 22 2021 10:40

Quick Malware Analysis: Qakbot and Cobalt Strike pcap from 2021-03-02
Security Onion – Sep 20 2021 19:17
Thanks to Brad Duncan for sharing this pcap! hxxps://www[.]malware-traffic-analysis[.]net/2021/03/02/index.html We did a quick analysis of this pcap on the latest version of Security Onion via so-import-pcap: hxxps://docs[.]securityonion[.]net/en/2.3/so…

After a 2 month summer break, Quakbot (aka Qakbot/Qbot) is back in town 🐸🔥 XLS: 📄 More DLLs and XLSs: 👉 Payload URLs: 🌎 Thanks to @pr0xylife and @nokae8 for sharing this ♥️
abuse_ch – Twitter – Sep 20 2021 17:46
XLS: 📄 hxxps://bazaar[.]abuse[.]ch/sample/ec6e25e2e9d622d5d61abe03cda8d0cb009c846dc52a642864b78623d21b3f46/
More DLLs and XLSs: 👉…

Fraud & Money Laundering
Money laundering is now a key issue in the German election, politician says
CNBC – Sep 20 2021 10:47
German Bundestag member Fabio de Masi, from The Left party, discusses the federal investigation into the country's Financial Intelligence Unit and the impact of the inquiry ahead of the federal election.

7 people accused of laundering money for scam syndicate to be charged in court
Channel NewsAsia – Sep 22 2021 10:58
SINGAPORE: Six men and a woman will be charged in court on Thursday (Sep 22) for their suspected involvement in laundering money for a transnational scam syndicate. The suspects, aged 21 to 25, were allegedly recruited by an India-based criminal…

Europol nabs 106 criminals involved in SIM swapping, money laundering
HackRead – Sep 20 2021 21:21
By Waqas. Europol said that the suspects carried out a number of cybercrimes including phishing, SIM Swapping, and BEC (business email compromise.)

Delayed anti-money laundering reform hurts banks and Australia
Australian Financial Review – Sep 20 2021 06:19
Australian banks and fintechs have backed the expansion of the anti-money laundering regime saying banks have had to shoulder the burden for too long and further delays could impact Australia’s international standing and access to capital.

TransferMate turns to ComplyAdvantage for AML screening and onboarding tech
Finextra Research news – Sep 21 2021 23:09
Today ComplyAdvantage, a global data technology company transforming financial crime detection announced that TransferMate Global Payments, a leading global B2B-payments technology solution provider, has selected the reg tech innovator’s…

Forum: MAS working on framework on responsibilities and liabilities of banks and consumers in the case of fraudulent transactions
The Straits Times All News – Sep 21 2021 17:00
September 22, 2021 1:00 AM We thank Forum writers Young Pak Nang and Chwa Poh Kew for their respective letters, "How can customers be accountable for OTP fraud?" and "Bank kept asking me to pay for OTP fraud transactions" (Sept 17).

Phishing attacks: Police make 106 arrests as they break up online fraud group
ZDNet Asia Blogs – Sep 20 2021 14:42
Organised crime operation used phishing and business email compromise attacks.

UK banking industry-funded police unit prevents £85m of fraud
Finextra Research Headlines blog – Sep 20 2021 11:13
A specialist police unit which targets the organised criminal gangs behind fraud prevented a further £85 million from being stolen in the first half of this year.

Mafia works remotely, too, it seems: 100+ people suspected of phishing, SIM swapping, email fraud cuffed
The Register – Security – Sep 21 2021 05:16
Dare we say, these Euro cops ran mobprobe Police arrested 106 people suspected of carrying out online fraud for an organized crime gang linked to the Italian Mafia, Europol said on Monday.…

Fraud attacks on consumers are ‘national security threat’, say UK banks
Proactiveinvestors United Kingdom website – Sep 22 2021 14:21
UK banks have warned that the rise in the number of consumer fraud attacks during the coronavirus pandemic is becoming a “national security threat”. Roughly £754mln has been stolen by criminals through bank frauds in the first six months of 2021, up…

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.
