FBI Issues Fraud Alert – Bank Cyber Security

Last week, we wrote about a cyber attack on Bank of America. The FBI, in association with the Financial Services Information Sharing and Analysis Center (FS-ISAC), and the Internet Crime Complaint Center (IC3), has issued a Fraud Alert which provides more details about the attacks. The Fraud Alert provides details on the attack methods: The actor(s) primarily used spam and phishing e-mails to target their victims. Once compromised, keyloggers and RATs installed on the financial institution employee’s computer provided the actor(s) with complete access to internal networks and logins to third party systems. Variants of ZeuS malware were used to steal the employee’s credentials in [...]

2017-01-07T17:35:22-05:00September 24th, 2012|SP Guard, spear phishing|

Bank of America Hit In Spearphishing Attack

Fox Business News is reporting that cyber hackers, apparently from Eastern Europe, are stealing money from Bank of America customer accounts in coordinated cyberattacks.  The hackers use spearphishing emails to steal employee credentials.   Using the stolen credentials they steal customers' money.  They then send fake emails posing as bank administrators approving the wrongful transfers.  Finally, the hackers mount a denial of service attack on the bank's website to distract to stop the bank from catching the fake wire transfers.  In same instances the criminals have stolen up to $1,000,000. You can view the news report here: How can a [...]

2017-01-07T17:35:22-05:00September 20th, 2012|SP Guard, spear phishing|

Nitro Spearphishing Attacks Resume

In October of 2011 Symantec discovered the Nitro Attacks, a series of spearphishing emails that installed command and control software to steal intellectual property from chemical companies. Symantec is now reporting on a new series of Nitro Attacks.  In the first round of Nitro Attacks, the hackers sent highly targeted emails which delivered a malicious attachment.  Symantec has found: In these latest attacks, the attackers have developed a somewhat more sophisticated technique. They are using a Java zero-day, hosted as a .jar file on websites, to infect victims. As in the previous documented attacks, the attackers are using Backdoor.Darkmoon, re-using [...]

2017-01-07T17:35:22-05:00September 14th, 2012|SP Guard, spear phishing|

FireEye Reports on Advanced Threats

On September 4,  2012, FireEye released its Advanced Threat Report 1H 2012.  The report had five key findings. The amount of malware that is by-passing traditional malware defenses is exploding. Some industries are being attacked more than others. Email based attacks use both malicious attachments and malicious links, favoring the methods that most effectively evade detection at any given time. The use of throw-away domains to send spearphishing emails is becoming the prevalent attack profile. Cybercriminals are changing the malware delivered in malicious attachments more quickly in order to avoid detection. While all of these trends are alarming, let us [...]

2017-01-07T17:35:22-05:00September 7th, 2012|SP Guard, spear phishing|