#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

bank hacking | Breaking Cybersecurity News | The Hacker News

SWIFT Hackers Steal $10 Million From Ukrainian Bank

SWIFT Hackers Steal $10 Million From Ukrainian Bank
Jun 28, 2016
A Ukrainian bank has become the latest victim of the widespread cyber attack on global banking and financial sector by hackers who target the backbone of the world financial system, SWIFT. Hackers have reportedly stolen $10 Million from an unnamed bank in Ukraine by exploiting the SWIFT international banking system, according to an independent IT monitoring organization called the Information Systems Audit and Control Association (ISACA). Swift or the Society for Worldwide Interbank Financial Telecommunication is the global banking messaging system responsible for managing Billions of dollars in money transfers each day between financial institutions worldwide. The ISACA branch in Ukraine, who has been hired by the targeted bank to investigate the heist, disclosed that some unknown hackers were able to compromise the bank's security in similar way they hacked Bangladesh central bank and stole $81m (£56m), the Kyiv Post reports. "At the current moment, dozens of ba

Russia arrests 50 hackers who stole $25 million from Banks

Russia arrests 50 hackers who stole $25 million from Banks
Jun 03, 2016
Russian authorities have arrested a gang of 50 hackers suspected of stealing more than 1.7 Billion Rubles ( over US$25 Million ) from banks and other financial institutions in the country since 2011. The same criminal gang had tried to steal a further 2.273 Billion Roubles by issuing false payment instructions, but that were blocked. The group allegedly used a Trojan called " Lurk " to set up a network of bots on infected computers to carry out the attacks, according to Russia's FSB ( Federal Security Service ). Initially identified in 2012, Lurk is a "fileless" Trojan that runs in RAM and has mostly been used for collecting banking credentials, especially for banks in Eastern Europe and the Russian Federation. The criminal gang allegedly seeded some of Russia's most popular websites with Lurk. Once infected, the malware downloaded more software modules, allowing the hackers to gain remote access to victims' computers. The hackers then stole

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

Fraudsters Stole ¥1.4 Billion from 1,400 Japanese ATMs in Just 3 Hours

Fraudsters Stole ¥1.4 Billion from 1,400 Japanese ATMs in Just 3 Hours
May 23, 2016
In an era where major data hacks are on the rise, it is no surprise breaches on individuals are also up. In just three hours, over 100 criminals managed to steal ¥1.4 Billion ( approx. US$12.7 Million ) from around 1,400 ATMs placed in small convenience stores across Japan. The heist took place on May 15, between 5:00 am and 8:00 am, and looked like a coordinated attack by an international crime network. The crooks operated around 1,400 convenience store ATMs from where the cash was withdrawn simultaneously in 16 prefectures around Japan, including Tokyo, Osaka, Fukuoka, Kanagawa, Aichi, Nagasaki, Hyogo, Chiba and Nigata, The Mainichi reports . Also Read: Tyupkin Malware Hacking ATM Machines Worldwide Many ATM incidents involve a long-established technique called ' ATM Skimming ' in which criminals install devices to obtain card details via its magnetic stripe, or use ATM malware or from data breaches, and then work with so-called carders and money mules to pilfe

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Ecuador Bank Hacked — $12 Million Stolen in 3rd Attack on SWIFT System

Ecuador Bank Hacked — $12 Million Stolen in 3rd Attack on SWIFT System
May 21, 2016
Bangladesh is not the only bank that had become victim to the cyber heist . In fact, it appears to be just a part of the widespread cyber attack on global banking and financial sector by hackers who target the backbone of the world financial system, SWIFT. Yes, the global banking messaging system that thousands of banks and companies around the world use to transfer Billions of dollars in transfers each day is under attack. A third case involving SWIFT has emerged in which cyber criminals have stolen about $12 million from an Ecuadorian bank that contained numerous similarities of later attacks against Bangladesh's central bank that lost $81 Million in the cyber heist . The attack on Banco del Austro (BDA) in Ecuador occurred in January 2015 and, revealed via a lawsuit filed by BDA against Wells Fargo, a San Francisco-based bank on Jan. 28, Reuters reported. Here's how cyber criminals target banks: Uses malware to circumvent local security systems of a bank. Gains acces

Hacker Steals Money from Bank and Donates $11,000 to Anti-ISIS Group

Hacker Steals Money from Bank and Donates $11,000 to Anti-ISIS Group
May 19, 2016
Meet this Robin Hood Hacker: Phineas Fisher, who breached Hacking Team last year, revealed on Reddit Wednesday that he hacked a bank and donated the money to Kurdish anti-capitalists in Rojava autonomous region in northern Syria that borders territory held by the ISIS ( Islamic State militant group ). Fisher, also known as "Hack Back" and "@GammaGroupPR," claimed responsibility for both the Hacking Team and Gamma Group data breaches. The vigilant hacker donated 25 Bitcoin (worth around US$11,000) to a crowdfunding campaign known as the Rojan Plan, which has been set up by members of the Rojava's economic committee, described by Fisher as "one of the most inspiring revolutionary projects in the world." Also Read:  Here's How Hackers Stole $80 Million from Bangladesh Bank The funds donated to the campaign came from a bank heist, though the hacker neither revealed the name of the bank nor provided any further details of the bank heist. Whe

Second Bank hit by Malware attack similar to $81 Million Bangladesh Heist

Second Bank hit by Malware attack similar to $81 Million Bangladesh Heist
May 13, 2016
SWIFT, the global Society for Worldwide Interbank Financial Telecommunications, warned on Thursday of a second malware attack similar to the Bangladesh central bank hack one that led to $81 million cyber heist. In February,  $81 Million cyberheist at the Bangladesh central bank was carried out by hacking into SWIFT, the global financial messaging system that thousands of banks and companies around the world use to transfer billions of dollars every day. However, the hackers behind the cyber heist appear to be part of a comprehensive online attack on global banking and financial infrastructure. The second attack involving SWIFT targeted a commercial bank, which the company declined to identify. SWIFT also did not immediately clear how much money, if any, was stolen in the attack. However, SWIFT spokeswoman Natasha de Teran said that the second attack and the Bangladesh bank heist contained numerous similarities and were very likely part of a "wider and highly adaptive

Russian Hacker Who Stole From Banks Ordered to Pay $7 Million

Russian Hacker Who Stole From Banks Ordered to Pay $7 Million
May 03, 2016
A Russian man who spent about 3 years behind bars in the United States has been spared further prison time but ordered to pay $7 Million to cover damages he caused to banks using a vicious computer virus. Nikita Vladimirovich Kuzmin was arrested in 2010 and imprisoned in August 2011 for developing a sophisticated computer malware called Gozi and infecting more than 1 million computers worldwide, causing tens of millions of dollars in losses. Kuzmin was sentenced Monday to the 37 months he has already served in custody, and ordered to pay $6,934,979 that authorities have identified as the damages experienced by two major Banks, one located in the U.S. and the other in Europe, Department of Justice says . Kuzmin received a lighter sentence due to his "substantial assistance" in the investigation that resulted in the conviction of Latvian national Deniss Calovskis as well as the arrest of Romanian Mihai Ionut Paunescu, who is awaiting extradition to the United States.

How Did Hackers Who Stole $81 Million from Bangladesh Bank Go Undetected?

How Did Hackers Who Stole $81 Million from Bangladesh Bank Go Undetected?
Apr 25, 2016
In Brief Investigators from British defense contractor BAE Systems discovered that hackers who stole $81 million from the Bangladesh Central Bank actually hacked into software from SWIFT financial platform, a key part of the global financial system. The hackers used a custom-made malware to hide evidence and go undetected by erasing records of illicit transfers with the help of compromised SWIFT system. The Bangladesh Bank hackers, who managed to steal $81 Million from the bank last month in one of the largest bank heists in history, actually made their tracks clear after hacking into SWIFT, the heart of the global financial system. SWIFT , stands for the Society for Worldwide Interbank Financial Telecommunications, is a global messaging network used for most international money and security transfers. More than 11,000 Global Banks on HIGH ALERT! Nearly 11,000 Banks and other financial institutions around the World use SWIFT system to send securely and receive payment

Bank with No Firewall. That's How Hackers Managed to Steal $80 Million

Bank with No Firewall. That's How Hackers Managed to Steal $80 Million
Apr 23, 2016
In Brief Investigators from the Forensic Training Institute of the Bangladesh investigated the $80 Million bank heist and discovered that the hackers managed to gain access to the network because the Bank was using second-hand $10 network switches without a Firewall to run its network. When it was reported last month that an unknown hacking group attempted to steal $1 Billion from Bangladesh's Federal Reserve bank account with the help of a malware and, in fact, successfully stole over $80 Million , the investigators would not say how the hackers managed to bypass the security solutions on its network. But in reality, there was no security solution installed to help protect against increasingly sophisticated attacks. This lack of security practices made it incredibly easier for the hackers to break into the system and steal $81 Million, though a simple typo (spell error) by hackers halted the further transfers of the $850 Million funds. The network computers that we

Security Researcher Goes Missing, Who Investigated Bangladesh Bank Hack

Security Researcher Goes Missing, Who Investigated Bangladesh Bank Hack
Mar 19, 2016
Tanvir Hassan Zoha , a 34-year-old security researcher, who spoke to media on the $81 Million Bangladesh Bank cyber theft , has gone missing since Wednesday night, just days after accusing Bangladesh's central bank officials of negligence. Zoha was investigating a recent cyber attack on Bangladesh's central bank that let hackers stole $81 Million from the banks' Federal Reserve bank account. Though the hackers tried to steal $1 Billion from the bank, a simple typo prevented the full heist. During his investigation, Zoha believed the Hackers, who are still unknown, had installed Malware on the bank's computer systems few weeks before the heist that allowed them to obtain credentials needed for payment transfers. With the help of those credentials, the unknown hackers transferred large sums from Bangladesh's United States account to fraudulent accounts based in the Philippines and Sri Lanka. However, at the same time, Zoha accused senior offic

Here's How Hackers Stole $80 Million from Bangladesh Bank

Here's How Hackers Stole $80 Million from Bangladesh Bank
Mar 14, 2016
The recent cyber attack on Bangladesh's central bank that let hackers stole over $80 Million from the institutes' Federal Reserve bank account was reportedly caused due to the Malware installed on the Bank's computer systems. Few days ago, reports emerged of a group of unknown hackers that broke into Bangladesh's central bank, obtained credentials needed for payment transfers from Federal Reserve Bank of New York and then transferred large sums to fraudulent accounts based in the Philippines and Sri Lanka. The criminal group was able to steal a total value of about $81 Million from the Federal Reserve's Bangladesh account through a series of fraudulent transactions, but a typo in some transaction prevented a further $850 Million Heist . However, the question was still there: How the Hackers managed to transfer $80 Million without leaving any Trace? Security researchers from FireEye's Mandiant forensics are helping the Dhaka investigat

How a Typo Stopped Hackers from Stealing $1 Billion from Bank

How a Typo Stopped Hackers from Stealing $1 Billion from Bank
Mar 12, 2016
Typos are really embarrassing, but this time it saved the Bangladesh Central Bank and the New York Federal Reserve by preventing a nearly $1 Billion ( £700 Million ) heist. Last month, some unknown hackers broke into Bangladesh's central bank, obtained credentials needed for payment transfers and then transfer large sums to fraudulent accounts based in the Philippines and Sri Lanka . But… A single spelling mistake in an online bank transfer instruction prevented the full theft, according to Reuters . Here's what actually was happened: Nearly three dozen requests hit the Federal Reserve Bank of New York on 5 February using the Bangladesh Bank's SWIFT code, out of which four resulted in successful transfers, for a total value of about $81 million. However, when the hackers attempted to make their fifth transfer of $20 Million to a Sri Lankan non-governmental organization called the Shalika Foundation , they made a typo by attempting a transfer to the Shalika "

26-Year-Old Hacker Sentenced to Record 334 Years in Prison

26-Year-Old Hacker Sentenced to Record 334 Years in Prison
Jan 11, 2016
A 26-year-old hacker has been sentenced to 334 years in prison for identity theft as well as mass bank fraud in Turkey, or in simple words, he has been sentenced to life in prison . Named Onur Kopçak , the hacker was arrested in 2013 for operating a phishing website that impersonated bank site, tricking victims into providing their bank details including credit card information. Kopçak's website was part of a big credit card fraud scheme in which he and other 11 operators were making use of the illegally obtained bank account details to carry out fraudulent operations. During his arrest in 2013, Turkish law authorities charged Kopçak with: Identity fraud Website forgery Access device fraud Wire fraud... ...and sentenced him to 199 years 7 months and 10 days in prison, following complaints from 43 bank customers. However, during the investigation, 11 other bank customers also filed complaints about their payment card fraud, thus triggering a new trial

JPMorgan Hack — Three Men Charged in Biggest Bank Hack in History

JPMorgan Hack — Three Men Charged in Biggest Bank Hack in History
Nov 10, 2015
The US government has charged hackers over the largest ever hacking case in financial history. The US Court of the Southern District of New York has charged three men accused of hacking into many financial institutions, including JPMorgan Chase that, according to the officials, was "the largest theft of user data from a U.S. financial institution in history." JPMorgan Chase is one of the world's biggest banks that controls total assets worth more than $2.59 Trillion . The Hackers targeted at least nine financial institutions between 2012 and mid-2015, including JPMorgan Chase, brokerages and a major business news publication, and stolen information of " over 100 Million customers ," Bloomberg reported Tuesday. The three men, including Gery Shalon , Ziv Orenstein , and Joshua Samuel Aaron were charged with 23 counts, including hacking, identity theft, securities fraud, and money laundering, among others. A separate indictment was also

Report: German Bank ATMs vulnerable to Hackers

Report: German Bank ATMs vulnerable to Hackers
Nov 02, 2015
Avoiding Credit Card Fraud is simply easy as long as you use cash. But, what if you even get hacked while withdrawing cash from an ATM? If you are living in Germany or traveling there, then think twice before using your payment cards in the ATMs. Here's why: A Security researcher in Germany has managed to hack ATM and self-service terminal from Sparkasse Bank that allowed him to reveal the sensitive details from the payment card inserted into the machine. Benjamin Kunz-Mejri , CEO of Germany-based security firm Vulnerability Lab , discovered a vulnerability while using a Sparkasse terminal that suddenly ejected his card, and changed status to " temporarily not available. " Meanwhile, the machine automatically started performing software update process in the background. However, Benjamin used a special keyboard combination to trick the ATM into another mode. Benjamin's trick forced ATM system to put update process console (cmd) in the foreground

Researcher warns about Security Loopholes in Denmark's Largest Bank

Researcher warns about Security Loopholes in Denmark's Largest Bank
Oct 06, 2015
While accessing your Bank account online, Have you ever thought… ...there could be a Hacker, somewhere in the World, who is after your Money? Maybe NO . Because, you believe that your bank offers Secure banking solution, Right? At The Hacker News, we have reported many incidents of cyber attacks , which proves that Banks are more often being targeted by Hackers, despite robust Banking Security mechanisms. Today we are going to talk about security of one of the  Denmark's Largest Bank , reviewed by Sijmen Ruwhof , an Ethical Hacker, and IT Security Consultant. Ruwhof recently published a blog post, " How I could Hack Internet Bank accounts of Danish Largest Bank in a few minutes ". His In-depth technical post explains the extent to which Danske Bank , one of the largest Danish Bank, is vulnerable to hacking. In August, Ruwhof got intrigued with the idea of testing Bank's security while interacting with a group of Danish hackers at the Chaos Communica

World's 9 Biggest Banks to adopt Bitcoin's Blockchain Technology

World's 9 Biggest Banks to adopt Bitcoin's Blockchain Technology
Sep 17, 2015
The Existing Infrastructure used by Financial institutions like Banks is Archaic, Slow, and Costly, with hardly any innovation in the past three decades. Nine of the World's renowned Banks, including JPMorgan , Royal Bank of Scotland , Goldman Sachs and Barclays , are collaborating with New York-based financial tech firm R3 to create a new framework based on Bitcoin's Blockchain. Yes, they are back in the game yet again, but this time officially! Blockchain — the public and decentralized ledger technology that underpins all Bitcoin transactions has been now recognized as " the future for financial services infrastructure ". The blockchain technology is a way of keeping records by listing the owner's name with all the previous and present transaction the client was involved. It is a public ledger where a list of all the transactions ever executed is maintained. The Banks are planning to develop and implement Blockchain-like Technology where distributed/shared

17-year-old Arrested for Massive DDoS Attack on Norway's Financial Sector

17-year-old Arrested for Massive DDoS Attack on Norway’s Financial Sector
Jul 14, 2014
The Norwegian police have arrested and charged a 17-year-old for a massive distributed denial-of-service (DDoS) attack earlier this week that disabled the websites of major financial institutions and other businesses in the country. Distributed Denial of Service (DDoS) attack is designed to sabotage, shut down and overload the targeted website with web traffic more than its capacity in order to make it unavailable to users. The attack targeted five major banks, two telecommunication firms, three airlines and one insurance company, as their websites and online payment systems were disrupted. The unnamed teen claimed to be a part of the hacktivist group Anonymous Norway for what was thought to be the country's biggest ever cyber-attack on businesses. Although, the Anonymous Norway, via a Twitter message, has dismissed any connection to him or the cyber attack. The youngster was a resident of Bergen, on Norway's west coast. He was arrested on Thursday morning and que

Infamous Hacker 'Diabl0' arrested in Bangkok, responsible for $4 Billion Damage to Swiss Banks

Infamous Hacker 'Diabl0' arrested in Bangkok, responsible for $4 Billion Damage to Swiss Banks
Mar 18, 2014
27-year-old Infamous Moroccan-Russian hacker arrested by Thailand's Department of Special Investigation (DSI)  in Bangkok, accused of cracking Switzerland Bank Computers and websites. Farid Essebar , went by the online screen name " Diabl0 ", has been wanted from last three years, and finally arrested on Tuesday with the joint operation of Thai and Swiss authorities and will be extradited to Switzerland soon. In 2011, He allegedly duplicated the Bank website pages to dupe more than 1,000 people and responsible for damage of $4 Billion and subject to an 'International' arrest warrant for forgery and piracy of financial institutions. '' We arrested the suspect at a condominium on Rama IV Road. Next Thailand will send him to Switzerland within 90 days in accordance with the extradition agreement, '' Police Colonel Songsak Raksaksakul of the Department of Special Investigation said. In 2005, 18-year-old Farid Essebar was arrested b

Banks to Pay Microsoft Millions of Dollars for extended Windows XP Support

Banks to Pay Microsoft Millions of Dollars for extended Windows XP Support
Mar 18, 2014
Despite so many warnings from Microsoft and Cyber Security Experts, Windows XP is still being used by a number of Government organizations, Financial institutions as well as big Corporations all around the world. If we look at the statistics then almost 30% of computers you will find that still run Windows XP , including banks, airline companies, and other huge enterprises, the count in real is likely to be even higher than the estimated. But If you stick with Windows XP after April 8 2014 , you might be at a great risk as XP will take its last breath officially on that day and will die! This fact poses danger to its users as they will be exposed to all kinds of threats. Almost thirteen years after it was 'first released' i.e. April 8 when the Redmond, Washington-headquartered Corporation will stop support for its longest running and most successful OS, Windows XP. Continue using Windows XP after April 8, it will serve you as a Dead Zombie, because Microsoft w
Cybersecurity Resources