A new congressional report indicates the Chinese government was likely responsible for hacks at the FDIC in 2010, 2011 and 2013. A total of 12 workstations were compromised and 10 servers were penetrated and infected with a virus.
A statement by Tien Phong Commercial Joint Stock Bank indicates the bank thwarted an attempt to transfer $1.36 million via a malware attack. The fraudsters attempted to transfer the funds via the interbank SWIFT messaging system, which is used by 11,000 banks worldwide.
A Bangladesh Bank was a victim of a malware attack that allowed hackers into the bank’s SWIFT software to transfer money and even hide their tracks in the process. $81 million were stolen.
Security firm FireEye has released a report indicating the mobile banking trojan, SlemBunk, is becoming more and more sophisticated as the number of mobile banking users rises. The malware is designed to attack Android devices and steals mobile banking credentials. The original report identified at least 30 mobile banking applications that were affected, including those in North America, Europe and Asia Pacific. An update to the report indicates the attack is even larger than originally identified.
The FBI, DOJ and DHS have released a Technical Alert on the Dridex P2P Malware. A system infected with Dridex may be employed to send spam, participate in distributed denial-of-service (DDoS) attacks and harvest users’ credentials for online services, including banking services.
Apple has confirmed the presence of the malicious iPhone, iPad and iPod touch software “XcodeGhost.” Prior to the discovery, only five malicious applications had ever been uncovered in the app store.
The gang behind the Carbanak banking malware, which was tied to at least $1 billion in fraud from 2012 to 2014, appears to be back, wielding new tactics. Recently, four new variants of Carbanak have been used to target victims in the United States and Europe via spear-phishing attacks, warns Denmark-based CSIS Security Group.