Thursday, March 28, 2024

Hackers Exploiting SS7 Protocol & Inject ATM Malware to Attack Banks and Financial Sectors

The banking and financial sectors faced a constant stream of cyber attacks compared with other industries. 25.7 percent of all malware attacks last year focused on banks and financial services organizations.

According to the IntSights Q1 2019 report, credential leaks doubled compared with any quarter of 2018. The spike is due to collections of leaked data exposed online: around 2.2 billion usernames and passwords were exposed in hacker forums.

Credit card leakage increased by more than 212%, and malicious applications saw a 102% year-over-year increase. As users grow more comfortable with mobile banking, the risk of malicious applications grows in parallel.

IntSights observed a huge fluctuation in financial assets on the black market. The percentage of leaked documents remained stable last year, but in Q1 of 2019 it increased by 23 percent.

Top Attack Types

Hackers exploit vulnerabilities in the SS7 telecommunication protocol to intercept messages that authorize payments from accounts.

New research details that sophisticated hackers are now tapping the phone network by exploiting the SS7 protocol, intercepting these messages to steal money from bank accounts.

Banks and the financial sector are prime targets, and trojans are common across these attacks. Some of the well-known trojans are Adload, ATRPAS, and Emotet.

Cybercriminals inject ATM malware such as FASTCash and ATMJackPot into switch servers to transmit fake messages that approve fraudulent withdrawal requests.

Ransomware is yet another core business for cybercriminals: they infect banking systems and hold banks hostage until they pay up.

The next serious threat is mobile banking attacks: attackers deliver fake banking apps and banking trojans to exfiltrate login credentials and steal money from users' accounts.

According to the report, the finance sector also appears the most on DDoS target lists found on the dark web. In some cases, insider threats allow attackers to find a loophole without triggering an alert.

Phishing-as-a-Service allows anyone, even without technical knowledge, to run campaigns and exfiltrate sensitive login credentials.

The report shows that the threat actors have most frequently targeted banks and financial institutions in developing regions of the world.

“Our research shows that financial organizations based in Latin America, Africa, and South Asia – primarily India and Pakistan – are particularly susceptible to attacks because many of them lack the same comprehensive security systems that are common at large corporations based in more developed countries throughout North America, Western Europe, and parts of Asia, like Singapore and Japan.”

Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
