‘PixPirate’ RAT Invisibly Triggers Wire Transfers From Android Devices

March 13, 2024 at 06:04AM PixPirate is a sophisticated Brazilian banking Trojan targeting Android devices. It exploits the Pix app for bank transfers in Brazil and employs a deceptive method to conceal its presence, allowing it to steal login credentials and execute unauthorized transfers. The malware’s advanced capabilities and hiding technique present potential concerns for …

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

March 11, 2024 at 10:51AM A new banking trojan called CHAVECLOAK targets users in Brazil via phishing emails with PDF attachments. The attack involves deceptive DocuSign lures leading to an installer file, which installs CHAVECLOAK malware. This sophisticated malware steals sensitive information, monitors financial portals, and connects to a command-and-control server. Additionally, a mobile banking …

Hackers impersonate U.S. government agencies in BEC attacks

March 6, 2024 at 03:41PM TA4903, a gang of hackers specializing in business email compromise attacks, has been impersonating U.S. government entities to carry out malicious activities through fake bidding processes. Proofpoint has been tracking their campaign, noting intensified activities since mid-2023 and a shift to impersonating small businesses. They pose a significant threat and …

Meet ‘XHelper,’ the All-in-One Android App for Global Money Laundering

February 28, 2024 at 06:25PM Cybercriminals are using user-friendly apps like XHelper to turn ordinary people into money mules, laundering stolen funds through various illegal activities. XHelper connects scammers with individuals in India to facilitate illicit transactions, with 37,000 active users and 16,000 verified bank accounts, moving approximately 160 million rupees per day. CloudSEK emphasizes …

Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps

February 12, 2024 at 05:05AM An ongoing campaign targeting Microsoft Azure corporate clouds has compromised dozens of environments and hundreds of user accounts. The attacks involve data exfiltration, financial fraud, and impersonation across various industries and geographic regions. The threat actors show sophistication and adaptability, using tailor-made phishing and diverse toolkits. To defend against this, …

Deepfake-Generating Apps Explode, Allowing Multimillion-Dollar Corporate Heists

February 5, 2024 at 05:28PM Deepfake creation software is rapidly spreading on the Dark Web, leading to an increase in AI-assisted financial fraud. In a recent incident, a Hong Kong-based employee fell victim to a deepfake scam, resulting in $25.5 million in fraudulent transactions. The availability of sophisticated deepfake tools poses a significant challenge for …

DraftKings Hacker Sentenced to 18 Months in Prison

February 4, 2024 at 10:42AM Wisconsin man Joseph Garrison, 19, was sentenced to 18 months in prison for his involvement in a credential stuffing attack targeting a fantasy sports and betting website. He accessed 60,000 user accounts using stolen credentials, stealing approximately $600,000. Garrison surrendered to authorities and pleaded guilty. Two others were charged in …

Citibank sued over failure to defend customers against hacks, fraud

January 30, 2024 at 11:13AM New York Attorney General Letitia James sued Citibank for failing to protect customers from hacks and scams, unlawfully denying reimbursement to fraud victims, and exploiting exceptions in regulations. The lawsuit alleges substantial financial losses for New York consumers, citing inadequacies in Citibank’s response to fraudulent activities and mistreatment of victims …

Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums

January 30, 2024 at 09:42AM A 1.8 terabyte database containing personal information of 750 million individuals in India was offered for sale on the dark web, impacting subscribers of major telecom providers. The leak, estimated to affect 85% of the Indian population, poses a significant risk for cyberattacks and identity theft. CloudSEK has informed relevant …

AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks

January 27, 2024 at 02:48AM A spear-phishing campaign targeting Mexican financial institutions has been attributed to an unknown Latin American-based threat actor. The campaign, active since 2021, uses AllaKore RAT to steal banking credentials and authentication information for financial fraud. Large companies with revenues over $100 million are particularly targeted. Additional details include modifications to …