Tuesday, May 6, 2025

Hackers Exploiting SS7 Protocol & Inject ATM Malware to Attack Banks and Financial Sectors


The banking and financial sectors were hit with a constant stream of cyber attacks, more than any other industry. 25.7 percent of all malware attacks last year focused on banks and financial services organizations.

According to the IntSights Q1 2019 report, credential leaks doubled compared with any quarter of 2018. The spike is due to collections of leaked data exposed online: around 2.2 billion usernames and passwords were exposed in hacker forums.

Credit card leakage increased by more than 212%, and malicious applications saw a 102% year-over-year increase. As users grow more comfortable with mobile banking, the risk from malicious applications grows in parallel.


IntSights observed a large fluctuation in financial assets on the black market. The percentage of leaked documents remained stable last year, but in Q1 of 2019 it increased by 23 percent.

Top Attack Types

Hackers exploit vulnerabilities within the SS7 telecommunication protocol to intercept messages that authorize payments from accounts.

New research details that sophisticated hackers are now tapping the phone network by exploiting the SS7 protocol, intercepting messages in order to steal money from bank accounts.

Banks and financial institutions are the prime targets. Trojans are common across these attacks; some of the well-known ones are Adload, ATRPAS, and Emotet.

Cybercriminals inject ATM malware such as FASTCash and ATMJackPot into switch servers to transmit fake messages that approve fraudulent withdrawal requests.

Ransomware is yet another major line of business for cybercriminals: they infect banking systems and hold banks hostage until they pay up.

The next serious threat is mobile banking attacks, in which attackers deliver fake banking apps and banking trojans to exfiltrate login credentials and steal money from users' accounts.

According to the report, the finance sector also appears most often on DDoS target lists found on the dark web. In some cases, insider threats allow attackers to find the loophole without triggering an alert.

Phishing-as-a-Service allows anyone, even without technical knowledge, to run campaigns and exfiltrate sensitive login credentials.

The report shows that the threat actors have most frequently targeted banks and financial institutions in developing regions of the world.

“Our research shows that financial organizations based in Latin America, Africa, and South Asia – primarily India and Pakistan – are particularly susceptible to attacks because many of them lack the same comprehensive security systems that are common at large corporations based in more developed countries throughout North America, Western Europe, and parts of Asia, like Singapore and Japan.”


Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
