Thursday, April 18, 2024

Hackers Exploiting SS7 Protocol & Inject ATM Malware to Attack Banks and Financial Sectors

The banking and financial sectors were hit with a more constant stream of cyber attacks than any other industry. 25.7 percent of all malware attacks last year focused on banks and financial services organizations.

According to the IntSights Q1 2019 report, credential leaks doubled compared with any quarter of 2018. The spike is due to the collections of leaked data exposed online, with around 2.2 billion usernames and passwords exposed in hacker forums.

Credit card leakage increased by more than 212%, and malicious applications saw a 102% year-over-year increase. As users grow more comfortable with mobile banking, the risk of malicious applications grows in parallel.

IntSights observed a huge fluctuation in the area of financial assets on the black market. The percentage of leaked documents remained stable last year, but in Q1 of 2019 it increased by 23 percent.

Top Attack Types

Hackers exploit vulnerabilities within the SS7 telecommunication protocol to intercept messages that authorize payments from accounts.

New research details that sophisticated hackers are now tapping the phone network by exploiting the SS7 protocol, intercepting these messages to steal money from bank accounts.

Banks and financial sectors are the prime targets. Trojans are common across all of them; some of the well-known trojans are Adload, ATRPAS, and Emotet.

Cybercriminals inject ATM malware such as FASTCash and ATMJackPot into switch servers to transmit a fake message that approves fraudulent withdrawal requests.

Ransomware is yet another major line of business for cybercriminals: they infect banking systems and hold banks hostage until they pay up.

The next serious threat is mobile banking attacks, in which attackers deliver fake banking apps and banking trojans to exfiltrate login credentials and steal money from the user's account.

According to the report, the finance sector also appears the most on DDoS target lists found on the dark web. In some cases, insider threats allow attackers to find a loophole without triggering an alert.

Phishing-as-a-Service allows anyone, even without technical knowledge, to run campaigns and exfiltrate sensitive login credentials.

The report shows that the threat actors have most frequently targeted banks and financial institutions in developing regions of the world.

“Our research shows that financial organizations based in Latin America, Africa, and South Asia – primarily India and Pakistan – are particularly susceptible to attacks because many of them lack the same comprehensive security systems that are common at large corporations based in more developed countries throughout North America, Western Europe, and parts of Asia, like Singapore and Japan.”

Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.