Tag: finance
Exclusive: Deepfakes being used to manipulate share prices
Cash-rich cybercriminals are learning that the easiest way to make money on the stock markets while laundering cash at the same time is to use deepfake videos to impact share prices, albeit temporarily. According to Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight: “Using video and audio deepfakes to manipulate share prices for financial gain is definitely happening, but is something no one is currently talking about.” “Using a deepfake to announce a takeover could, for instance, drive up a stock in which the threat actor owns shares. Alternatively, a negative announcement such as a dire profits warning could be used to lower the share price so that the threat actor could buy the shares at a knock-down price, only to sell them again when the profits warning was seen to be fake” adds Grieveson.
Exclusive: Banks face a growing physical security threat
Banks, traditionally the main target for cybercriminal groups, are now being attacked not only by new online hacking techniques but also by a growing range of physical hacking tools and techniques. While financial institutions have high levels of cybersecurity and strong physical security, they currently face a growing threat from combined physical and digital assaults. “Physical security and cybersecurity convergence in the business environment. A favorite weapon in the hacker arsenal is the Flipper Zero, an inexpensive pocketable device that enables you to hack into nearby smartphones and IT systems,” says Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight.
Ticketmaster Breach Data Posted on New BreachForums – May 31st
The 'ShinyHunters' threat actor group posted data from a Ticketmaster data breach, potentially belonging to 560M users, asking for $500K in exchange for the data. Analysts at Vx-Underground analyzed a sample of the Ticketmaster data and determined that the data was authentic, containing entries dating back to 2011.
TeaBot banking malware infects 70k smartphones
TeaBot, a highly sophisticated type of malware, is increasingly infecting Android smartphones. Cybersecurity firm Zscaler’s ThreatLabz reported a sharp rise in malicious activity leveraging TeaBot this week. TeaBot, also known as “Anatsa,” is designed to impersonate seemingly harmless applications such as PDF and WR code readers. Once installed on an Android smartphone, it acts as a Trojan horse containing numerous financial scams. “[TeaBot] is a known Android banking malware that targets applications from over 650 financial institutions, primarily in Europe. We observed Anatsa actively targeting banking applications in the US and UK. However, recent observations indicate that threat actors have expanded their targets to include banking applications in Germany, Spain, Finland, South Korea, and Singapore,” explains Zscaler ThreatLabz.
Ransomware drives corporate cyber-crime
Cybercriminals are getting greedier. According to Google subsidiary Mandiant’s M-Trends 2024 Special Report, the proportion of financially motivated intrusions grew from more than a quarter of all investigations (26 percent) in 2022 to over a third (36 percent) in 2023. Ransomware-related intrusions represented almost two-thirds of financially motivated intrusions and 23 percent of all 2023 intrusions; the remaining financially motivated intrusions included business email compromise (BEC) fraud and cryptocurrency theft. In 70 percent of cases, organizations learned of ransomware-related intrusions from external sources. In three-quarters of those cases, organizations were notified of a ransomware incident by an attacker ransom message. The remaining quarter came from external partners, such as law enforcement or cybersecurity companies. “This is consistent with the extortion business model in which attackers intentionally and abruptly notify organizations of a ransomware intrusion and demand payment,” says Mandiant.
Ransomware Attacks Decline by 11% in 2023 – February 21st
IBM X-Force released a report, disclosing that ransomware attacks declined by 11.5% in 2023, compared to 2022. IBM says the decline in ransomware attacks is largely due to the new cybercrime focus of infostealing tactics which rose by 32%. IBM X-Force's report gathered data for the report based on 150 billion daily security events from 130 countries last year.
FNF hack exposes 1.3m customer details
US real estate financial services fat cat, Fidelity National Financial (FNF), has revealed details of a cybersecurity breach that occurred in November, exposing the details of 1.3 million customers. An updated filing to the US Securities and Exchange Commission (SEC) claims the attack, which occurred on November 19, 2023, was detected early on and successfully contained. But despite FNF’s best efforts, over a million customers will wonder if the threat actors behind the breach also believe that their attack has been successfully “contained.” The nature of their target suggests otherwise. A Fortune 500 company, FNF is one of the largest companies of its kind in the US, with an annual revenue of over $10 billion, a market capitalization of $13.3 billion, and a staff of over 23,000 people.
November’s Ransomware Leak Victims Reach Record High – December 25th
A record-high 484 ransomware victims were posted on publicly available sites in November 2023, according to a Corvus Insurance report. The spike in ransomware victims' information being leaked reflects a 39.08% increase compared to October 2023 and a staggering 110.43% increase compared to November 2022.
Hack costs Mixin Network $200M – September 26th
Dubbed the ‘biggest hack of the year’, the recent attack on Hong Kong-based digital wallet company, Mixin Network has cost the company $200 million worth of crypto assets. Network authorities have announced that deposits and withdrawals on the site will only recommence once all vulnerabilities have been confirmed and fixed.
Western Union payouts highlight the “insider threat”
International money transfer company, US-based Western Union, has been obliged to pay a further $40 million on top of a previous $365 million payout to defrauded customers. As many customers were the victims of phishing attacks in which Western Union had already admitted some of its staff were complicit, the payouts highlight the growing “insider threat” now facing multinational corporations.