#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

stealing bank account | Breaking Cybersecurity News | The Hacker News

Category — stealing bank account
Self-Service Bank Passbook Printing Machines Leak Customers Financial Details

Self-Service Bank Passbook Printing Machines Leak Customers Financial Details

Aug 07, 2015
Gone are the days when you had to wait in a queue to get your Bank passbook updated. With the implementation of automated machines in Banks, it's now a game of seconds to update your passbook yourself. Bank Passbook is a copy of the customer's account in the books of the bank which includes client's current account balance and transaction details (deposits and withdrawals). But, Are these Automated Machines holding your Financial Information Hack-Proof? Last year, Major Indian Banks rolled out a barcode based passbook printers called ' Swayam ' which can be operated by customers themselves. 17-year-old Indian bug hunter, Indrajeet Bhuyan , found that the barcode technology used by more than 3000 Indian Banking Branches, including State Bank of India , UCO Bank and Canara Bank , is vulnerable to information disclosure. To use Swayam, the s elf-service passbook printing machine , the customers need just to feed their passbook into the machine, which will read the barcod...
Hackers exploiting Router vulnerabilities to hack Bank accounts through DNS Hijacking

Hackers exploiting Router vulnerabilities to hack Bank accounts through DNS Hijacking

Feb 10, 2014
In past months, we have reported about critical vulnerabilities in many wireless Routers including Netgear, Linksys,  TP-LINK, Cisco, ASUS, TENDA and more vendors, installed by millions of home users worldwide. Polish Computer Emergency Response Team (CERT Polska) recently noticed a large scale cyber attack ongoing campaign aimed at Polish e-banking users. Cyber criminals are using known router vulnerability which allow attackers to change the router's DNS configuration remotely so they can lure users to fake bank websites or can perform Man-in-the-Middle attack. ' After DNS servers settings are changed on a router, all queries from inside the network are forwarded to rogue servers. Obviously the platform of a client device is not an issue, as there is no need for the attackers to install any malicious software at all. ' CERT Polska researchers said. That DNS Hijacking trick is not new, neither most of the router vulnerabilities are, but still millions of...
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025

The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025

Feb 06, 2025AI Security / Cybersecurity
Privileged Access Management (PAM) has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical necessity to a critical pillar in leadership agendas. With the PAM market projected to reach $42.96 billion by 2037 (according to Research Nester), organizations invest heavily in PAM solutions. Why is PAM climbing the ranks of leadership priorities? While Gartner highlights key reasons such as enhanced security, regulatory compliance readiness, and insurance requirements, the impact of PAM extends across multiple strategic areas. PAM can help organizations enhance their overall operational efficiency and tackle many challenges they face today. To explore more about PAM's transformative impact on businesses, read The Cyber Guardian: PAM's Role in Shaping Leadership Agendas for 2025 by a renowned cybersecurity expert and former Gartner lead analyst Jonathan Care.  What cybersecurity challenges may organizations face in 2025? The cybersecurity landsca...
Stabuniq Trojan rapidly stealing data from US banks

Stabuniq Trojan rapidly stealing data from US banks

Dec 23, 2012
Trojan.Stabuniq geographic distribution by unique IP address Security researchers from Symantec have identified a new Trojan that appears to be targeting financial institutions. Dubbed Trojan.Stabuniq , the malware has been collecting information from infected systems potentially for the preparation of a more damaging attack. According to researchers , roughly 40 IP addresses infected with the Stabuniq Trojan, 40% per cent belong to financial institutions who are mostly based in Chicago and New York. The malware appears to be spread by a phishing attack through spam e-mail containing a link to the address of a server hosting a Web exploit toolkit . Such toolkits are commonly used to silently install malware on Web users' computers by exploiting vulnerabilities in outdated browser plug-ins like Flash Player , Adobe Reader , or Java. These attacks can be very simple, such as a written email from a prince in Nigeria asking for bank account...
cyber security

Webinar: 5 Ways New AI Agents Can Automate Identity Attacks | Register Now

websitePush SecurityAI Agents / Identity Security
Learn how CUAs like OpenAI Operator can be used by attackers to automate account takeover and exploitation.
Shylock malware : Undetectable virus stealing bank account information

Shylock malware : Undetectable virus stealing bank account information

Dec 01, 2012
Shylock, a financial malware platform discovered by Trusteer in 2011, is a non-Zeus-based information-stealing trojan that improved methodology for injecting code into additional browser processes to take control of a computer, and an improved evasion technique to prevent malware scanners from detecting its presence. Why this Name ?  Shylock named after the ruthless money lender in Shakespeare's The Merchant of Venice, also deletes its installation files, runs solely in memory, and begins the process again once the infected machine reboots. Shylock has gained a new trick: The ability to detect whether it's running in a virtual machine (VM) that is being analyzed by malware researchers. What New ?  Latest Shylock dropper detects a remote desktop environment by feeding invalid data into a certain routine and then observing the error code returned. It uses this return code to differentiate between normal desktops and other "lab" environments. In particular, when execu...
Expert Insights / Articles Videos
Cybersecurity Resources