December 6, 2025
Dark Light
Search

Blog Post

Cyber Intelligence > finance
Editorial Team
cybercrime Finance News
0
24

Financial services see DDoS attacks double

Financial services companies worldwide saw the number of distributed denial-of-service (DDoS) attacks more than double in the second half of 2024. A DDoS attack is a malicious attempt to disrupt a service by overwhelming it with a flood of internet traffic. In the same period, the total number of DDoS attacks globally grew by 17 percent.

According to global hosting and cloud services company Gcore, the financial services sector saw the most significant rise of any sector in the third and fourth quarters of 2024, with a rise of 117 percent. This marks a consistent overall increase in DDoS attacks quarter on quarter. While the third and fourth quarters of 2024 showed an increase of 17 percent, this represents a 56 percent rise over the same period in 2023.

Read More
Editorial Team
cybercrime Healthcare News
0
36

Healthcare cyber-attacks now “a national security threat”

Search engine giant’s Google Threat Intelligence Group reports that cybercriminal and state-backed cyber-attacks on the healthcare sector in countries such as the US and UK have escalated to a level where they are actually costing lives.

“Healthcare’s share of posts on data leak sites has doubled over the past three years, even as the number of data leak sites tracked by Google Threat Intelligence Group has increased by nearly 50% year over year. The impact of these attacks means that they must be taken seriously as a national security threat, no matter the motivation of the actors behind it,” says Google.

Read More
Editorial Team
Breaking News European Union News
0
24

The rising costs of DORA compliance

The European Digital Operational Resilience Act (DORA), which came into force on Friday, January 17, is already having unforeseen costs for organizations right across the financial sector. Although the act is the brainchild of the European Union (EU), the financial services industry has been global for some years, and firms in the US and the UK are also impacted. As of Friday, the new regulations now also apply to US companies providing financial services within the EU or catering to EU customers.

California-based cybersecurity company Rubrik has commissioned research that almost half of UK financial businesses report spending over €1 million each over the last two years in trying to comply with the new EU regulation. DORA mandates key provisions such as contractual safeguards and contingency plans to mitigate risks from partners and third parties. DORA compliance also requires regular testing of digital resilience and attack simulations.

Read More
Tony Glover
cybercrime News Russia
0
33

Women break glass ceiling of Russian cybercrime

Women cybercriminals and lady Darknet hackers are now starting to make inroads into the hitherto male-dominated fraternities of Russian-speaking cybercrime. According to the cybersecurity training and certification cooperative, the SANS Institute, women cybercriminals sometimes now pose as men in order to obfuscate their identities as well as to gain credibility among Russian-speaking criminals.

The SANS Institute interviewed one such woman cybercriminal, who is referred to only as a “Confidential Human Source (CHS)” in order to comply with her request for anonymity.

“I often took my boyfriend to in-person meetings,” CHS revealed, shining a new light on a so-far largely unrecognized aspect of cybercrime, the fact that cybercriminals meetings are frequently also conducted offline.

Read More
Alexis Hess
Arrest Cryptocurrency News
0
28

Cryptocurrency Laundering Top Dog Arrested

Russian-Swedish native Roman Sterlingov has been sentenced to twelve years in prison for his alleged involvement in Bitcoin Fog, the longest-running cryptocurrency laundering service on the dark web. Sterlingov reportedly operated Bitcoin Fog for a decade and processed over 1.2 million Bitcoin, valued at approximately $400 million at the time of the transactions.  

Bitcoin Fog ran from 2011-2021 and quickly garnered a reputation among the dark web community as the “go-to” cryptocurrency “mixer” for cybercriminals looking to hide their illicit funds from law enforcement. Bitcoin Fog would pool the “dirty” cryptocurrency and redistribute it in order to make the funds untraceable. According to court documents, the cryptocurrency laundered was mainly derived from darknet marketplaces tied to illegal narcotics, identity theft, and child sexual abuse material.

Read More
Alexis Hess
Cryptocurrency Government News
0
25

Feds Create Their Own Cryptocurrency for Sting Operation

The US Federal Bureau of Investigation (FBI) has created “NexFundAI”, a cryptocurrency created to further their investigation, “Operation Token Mirrors.” The FBI also announced that 18 individuals have been charged for market manipulation and “wash trading” — the first of its kind in the cryptocurrency industry.

The investigation, described as “a new twist to old-school financial crime”, garnered charges against cryptocurrency company leaders and employees from Texas, the UK, and Portugal, and over $25 million in seized cryptocurrency. NexFundAI enabled the FBI to monitor and track illicit activities conducted by cryptocurrency companies and financial service firms, or “market makers.”

Read More
Editorial Team
AI cybercrime deepfake News
0
35

Cybercriminals ramp up AI-driven deepfake scams

Cyber toolkits for threat actors are now harnessing the latest deepfake technology and artificial intelligence (AI) for targeted email attacks, known as ‘spear-phishing.’ According to cloud cybersecurity firm Egress, a staggering 82 percent of phishing toolkits mentioned deepfakes, and 75 percent referenced AI.

The growing threat presented by the use of deepfakes by cybercriminals was highlighted earlier this year at InfoSecurity Europe in London. Widely available toolkits now enable even relatively unskilled hackers to create highly convincing video and audio clips of chief executives (CEOs) and other senior staff members in any specific organization. All the threat actor needs is a short video clip of the person they wish to impersonate. This can easily be copied from a corporate seminar or from a video podcast.

Read More
Editorial Team
cybercrime News Supply Chain
0
25

Cybercrime gets physical

Cyber-physical systems (CPS), such as operational technology (OT), the Internet of Things (IoT), building management systems (BMS) and connected media devices have now become a prime target for ransomware attacks.

According to security firm, Claroty, cyber-physical attacks are now placing significant financial strain across organizations in several key sectors. Almost half of the respondents, 45 percent, to an independent survey commissioned by Claroty report financial losses of $500,000 or more over the last 12 months from cyber-attacks affecting CPS. Over a quarter, 27 percent, report losses of $1 million or more.

“The most financially impacted sectors are chemical manufacturing, power and energy, and mining and materials, with 54-55 percent of respondents in each sector reporting more than $500,000 in losses from incidents in the last 12 months,” says the report, The Global State of CPS Security 2024.

Read More
Andy Sheldon
AI Cybersecurity Executives Expert Opinions
0
25

A Deluge of Powerful Fraud Tactics Are Giving Businesses Trust Issues

It feels like fraudsters are consistently staying one step ahead of us. Back in early 2022, a study found that one out of every four accounts made online was fake—and that number has only gotten worse. The auto lending industry, for example, saw a staggering $7.9 billion in losses due to a 98% spike in synthetic fraud in 2023. They’re not alone in fending off more fraud attempts than ever as malicious actors turn to generative artificial intelligence to increase both the sophistication and the sheer number of fake accounts trying to bypass verification steps and swindle businesses.

The increase we’ve seen in synthetic identities is causing a new host of problems. Not only are more businesses finding themselves with fake customers in their systems—financial institutions mistakenly giving credit to synthetic identities, colleges and universities grappling with applications from fake students, and more—but some of the measures being taken to tamp down on fraudsters’ relentless advances have had the unfortunate side effect of pushing away legitimate customers.

Read More
Editorial Team
Breaking News Geopolitics News
0
26

Ukraine takes down Russia’s financial services

Hackers from Ukraine’s Main Intelligence Directorate claim to have effected one of the largest Distributed Denial-of-Service (DDoS) attacks in history, derailing Russia’s financial services.

According to the Kyiv Post, the attack compromised the online services of all major Russian banks, including the Central Bank, telecommunications service providers, national payment systems, social networks and messengers, government resources, and dozens of other services.

The affected Russian financial institutions are reported to include VTB Bank, Alfa Bank, SberBank, Raiffeisen Bank, RSHB Bank, Ak Bars Bank, Rosbank, Gazprombank, Tinkoff Bank, iBank, Dom.RF Bank, and the Bank of Russia. On the last day of the attack, the resources of the Russian Ministry of Defense, the Ministry of Internal Affairs. The Federal Tax Service was also reported to have been affected.

Read More
Tony Glover
Analysis cybercrime Vulnerability
0
34

Exclusive: CrowdStrike crash is only the beginning…

The famous “blue screen of death,” witnessed with horror by 8.5 million Microsoft Windows users worldwide as a result of the ongoing CrowdStrike outage, may soon become a far more familiar sight across a wide range of sectors.

While there is no evidence that the widespread Microsoft Windows outage caused by the CrowdStrike upgrade was anything but accidental, many in the cybersecurity industry are seeing the past week’s experience as a dummy run for a full-fledged cyber-attack aimed at crippling critical infrastructure. As the current media pictures of people sleeping in airports testify, some sectors appear to be faring better than others.

Read More
Tony Glover
AI Analysis deepfake
0
1.43K

Exclusive: Deepfakes being used to manipulate share prices

Cash-rich cybercriminals are learning that the easiest way to make money on the stock markets while laundering cash at the same time is to use deepfake videos to impact share prices, albeit temporarily.

According to Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight: “Using video and audio deepfakes to manipulate share prices for financial gain is definitely happening, but is something no one is currently talking about.”

“Using a deepfake to announce a takeover could, for instance, drive up a stock in which the threat actor owns shares. Alternatively, a negative announcement such as a dire profits warning could be used to lower the share price so that the threat actor could buy the shares at a knock-down price, only to sell them again when the profits warning was seen to be fake” adds Grieveson.

Read More
Tony Glover
Analysis Banking Threats cybercrime
0
33

Exclusive: Banks face a growing physical security threat

Banks, traditionally the main target for cybercriminal groups, are now being attacked not only by new online hacking techniques but also by a growing range of physical hacking tools and techniques. While financial institutions have high levels of cybersecurity and strong physical security, they currently face a growing threat from combined physical and digital assaults.

“Physical security and cybersecurity convergence in the business environment. A favorite weapon in the hacker arsenal is the Flipper Zero, an inexpensive pocketable device that enables you to hack into nearby smartphones and IT systems,” says Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight.

Read More
Editorial Team
cybercrime Malware News
0
27

TeaBot banking malware infects 70k smartphones

TeaBot, a highly sophisticated type of malware, is increasingly infecting Android smartphones. Cybersecurity firm Zscaler’s ThreatLabz reported a sharp rise in malicious activity leveraging TeaBot this week.

TeaBot, also known as “Anatsa,” is designed to impersonate seemingly harmless applications such as PDF and WR code readers. Once installed on an Android smartphone, it acts as a Trojan horse containing numerous financial scams.

“[TeaBot] is a known Android banking malware that targets applications from over 650 financial institutions, primarily in Europe. We observed Anatsa actively targeting banking applications in the US and UK. However, recent observations indicate that threat actors have expanded their targets to include banking applications in Germany, Spain, Finland, South Korea, and Singapore,” explains Zscaler ThreatLabz.

Read More
Editorial Team
cybercrime News ransomware
0
32

Ransomware drives corporate cyber-crime

Cybercriminals are getting greedier. According to Google subsidiary Mandiant’s M-Trends 2024 Special Report, the proportion of financially motivated intrusions grew from more than a quarter of all investigations (26 percent) in 2022 to over a third (36 percent) in 2023.

Ransomware-related intrusions represented almost two-thirds of financially motivated intrusions and 23 percent of all 2023 intrusions; the remaining financially motivated intrusions included business email compromise (BEC) fraud and cryptocurrency theft. In 70 percent of cases, organizations learned of ransomware-related intrusions from external sources. In three-quarters of those cases, organizations were notified of a ransomware incident by an attacker ransom message. The remaining quarter came from external partners, such as law enforcement or cybersecurity companies.

“This is consistent with the extortion business model in which attackers intentionally and abruptly notify organizations of a ransomware intrusion and demand payment,” says Mandiant.

Read More
Tony Glover
Data Leak Finance News
0
24

FNF hack exposes 1.3m customer details

US real estate financial services fat cat, Fidelity National Financial (FNF), has revealed details of a cybersecurity breach that occurred in November, exposing the details of 1.3 million customers. An updated filing to the US Securities and Exchange Commission (SEC) claims the attack, which occurred on November 19, 2023, was detected early on and successfully contained.

But despite FNF’s best efforts, over a million customers will wonder if the threat actors behind the breach also believe that their attack has been successfully “contained.” The nature of their target suggests otherwise. A Fortune 500 company, FNF is one of the largest companies of its kind in the US, with an annual revenue of over $10 billion, a market capitalization of $13.3 billion, and a staff of over 23,000 people.

Read More
Tony Glover
Breaking News News Wire Fraud
0
25

Western Union payouts highlight the “insider threat”

International money transfer company, US-based Western Union, has been obliged to pay a further $40 million on top of a previous $365 million payout to defrauded customers. As many customers were the victims of phishing attacks in which Western Union had already admitted some of its staff were complicit, the payouts highlight the growing “insider threat” now facing multinational corporations.

Read More