FINANCIAL INFOSECURITY NEWSLETTER

February 2017

Dridex Banking Trojan Returns, Leverages New UAC Bypass Method

Vitali Kremez, Flashpoint-intel.com, January 26, 2017

Key Takeaways
• First observed in July 2014, “Dridex,” a financial banking Trojan, is considered to be one of the successors to the “GameOver ZeuS” (GoZ) malware.

Read More

Lloyds Banking Group Reportedly Hit by DDoS Attack

Jeremy Kirk, Bankinfosecurity.com, January 24, 2017

Lloyds Banking Group came under a distributed denial-of-service attack that hampered access to its online banking services for about two days earlier this month, several media outlets reported, citing anonymous sources.

Read More

The Changing Face of Carbanak

Michael Mimoso, Threatpost.com, January 19, 2017

Months of ramped up Carbanak activity that includes a new host of targets and new command and control strategy has reinvigorated attention on a criminal outfit that may have at one time stolen up to $1 billion from banks worldwide.

Read More

ATM Malware Retooled to Strike More Machines

Jeremy Kirk, Bankinfosecurity.com, January 16, 2017

In early 2013, cybercriminals began deploying in Mexico what some security experts described as one of the most advanced pieces of malware that’s ever been built to steal money from ATMs. Nicknamed Ploutus, it evolved to become the first ATM malware that could be controlled remotely by a mobile phone.

Read More

Indian Banks Are Waking up to a New Kind of Cyber Attack

Sugata Ghosh & Sangita Mehta, Economictimes.indiatimes.com, January 16, 2017

Hackers recently infiltrated the systems of three government-owned banks — two headquartered in Mumbai and one in Kolkata — to create fake trade documents that may have been used to raise finance abroad or facilitate dealings in banned items.

Read More

New York Regulator Eases Requirements for Its Proposed Cybersecurity Regulation

Brian Hengesbaugh, Amy de La Lama and Harry Valetk, Bakerinform.com, January 5, 2017

In a surprising turn of events, the New York State Department of Financial Services (“DFS”) announced on December 28 significant changes to its cybersecurity regulation in response to industry concerns that the agency’s original proposal was too prescriptive, and did not allow enough time for compliance.

Read More

Proofpoint Finds Social Media Phishing Scam Steals Credentials and Credit Cards

Informationsecuritybuzz.com, January 4, 2017

In a new blog post researchers from Proofpoint have tracked a phishing campaign leveraging the concept of “Twitter Brand Verification”. Because the actors in this case are relying on paid, targeted ads on Twitter, users don’t need to do anything to see the phishing link. Attackers are increasing the sophistication of social engineering approaches and extending them across social channels. Users and brands need to be increasingly savvy to avoid getting snared by ads, accounts, and messages that initially look legitimate. While this attack was observed on Twitter, such a scam could be implemented on any social media platform that implements some form of account verification.

Read More

The POS Malware Threat: All You Need to Know

Gunjan Tripathi, Sitepronews.com, December 27, 2016

For better or worse, a security firm’s attempt to cash in on software bugs by shorting a company’s stock and then publicizing the flaws might have pioneered a new approach to vulnerability disclosure.

Read More