Tuesday, September 10, 2024
HomeCyber Security NewsHackers Exploiting SS7 Protocol & Inject ATM Malware to Attack Banks and...

Hackers Exploiting SS7 Protocol & Inject ATM Malware to Attack Banks and Financial Sectors

Published on

The Banking and Financial sectors were hit with a constant stream of cyber attacks when compared to any of the other industries. 25.7 percent of all malware attacks last year focused on Banks and Financial Services Organizations.

According to Intsights Q1 2019 report, the credentials leak doubled to any of the quarters of 2018. The spike is because of the collections leaked data exposed online, around Massive 2.2 Billion Usernames and Passwords exposed in Hacker Forums.

Credit card leakage increased by more than 212% and 102% year-over-year increase in malicious applications. As the users feel more comfortable with mobile banking the risk of malicious applications grows in parallel.

- Advertisement - EHA

IntSights observed a huge fluctuation in the area of financial assets over the black market. The percentage of leaked documents remains stable last year, but in Q1 of 2019, it increases by 23 percentage.

Top Attack Types

Hackers exploit the vulnerabilities within SS7 telecommunication protocol to intercept messages that authorize payments from accounts.

A new research details that sophisticated hackers are now taping the Phone network by exploiting the SS7 protocol to steal money from the bank accounts by intercepting the messages.

Banks and Financial sectors are the prime targets, trojans are common among all, some of the well-known trojans are Adload, ATRPAS, and Emotet.

Cybercriminals inject ATM Malware such as FASTCash and ATMJackPot in switch servers to transmit a fake message to approve fraudulent withdrawal requests.

Ransomware yet another trunk business for cybercriminals, they infect the banking systems and hold banks as a hostage until they pay up.

Next serious threat is the Mobile Banking Attacks, attackers deliver Fake banking apps and Banking Trojans to ex-filtrate login credentials and to steal money from the user’s account.

According to the report, the finance sector also appears the most on DDoS target lists found on the dark web. In some cases insider threats allow attackers to determine the loophole without triggering an alert.

Phishing-as-a-Service allows anyone without technical knowledge can run campaigns and exfiltrate the sensitive login credentials.

The report shows that the threat actors have most frequently targeted banks and financial institutions in developing regions of the world.

“Our research shows that financial organizations based in Latin America, Africa, and South Asia – primarily India and Pakistan – are particularly susceptible to attacks because many of them lack the same comprehensive security systems that are common at large corporations based in more developed countries throughout North America, Western Europe, and parts of Asia, like Singapore and Japan.”

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Chinese Hackers Using Open Source Tools To Launch Cyber Attacks

Three Chinese state-backed threat groups, APT10, GALLIUM, and Stately Taurus, have repeatedly employed a...

Small Business, Big Threats: INE Security Launches Initiative to Train SMBs to Close a Critical Skills Gap

As cyber threats grow, small to medium-sized businesses (SMBs) are disproportionately targeted. According to...

Researchers Details Attacks On Air-Gaps Computers To Steal Data

The air-gap data protection method isolates local networks from the internet to mitigate cyber...

Beware Of Malicious Chrome Extension That Delivers Weaponized ZIP Archive

In August 2024, researchers detected a malicious Google Chrome browser infection that led to...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Researchers Details Attacks On Air-Gaps Computers To Steal Data

The air-gap data protection method isolates local networks from the internet to mitigate cyber...

Beware Of Malicious Chrome Extension That Delivers Weaponized ZIP Archive

In August 2024, researchers detected a malicious Google Chrome browser infection that led to...

CISA Issues Warning About Three Actively Exploited Vulnerabilities in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three...