One Million IP Addresses Used In Brute-Force Attack On A Bank

Cisco says in just one week in February they detected 1,127,818 different IP addresses being used to launch 744,361,093 login attempts on 220,758,340 different email addresses — and that 93% of those attacks were directed at two financial institutions in a massive Account Takeover (ATO) campaign.


Crooks used 993,547 distinct IPs to check login credentials for 427,444,261 accounts. For most of these attacks, the crooks used proxy servers, but also two botnets, one of compromised Arris cable modems, and one of ZyXel routers/modems. Most of these credentials have been acquired from public breaches or underground hacking forums.


For more information, read the full article here.

Singapore banks adopt voice biometrics for user authentication

Citi is launching voice biometric verification for customers in Singapore to help cut user authentication time.


The bank has already implemented voice biometrics for consumer customers in Taiwan, with Singapore, Hong Kong and Australia to follow soon. The service will be available to all 12 of Citi’s consumer banking markets in Asia-Pacific by 2017.


Read the full article here.

Visa to help banks break into mobile payments

Visa has introduced the Visa Digital Commerce App, an issuer-branded mobile commerce product that enables financial institutions to offer their own mobile app to customers. Card management features in the app can help an FI to expand and strengthen its Visa credit, debit and prepaid card offerings, according to a company press release.


Through the mobile app, issuers can offer services such as real-time account balance information, card controls, alerts that inform accountholders about recent transactions or fraud concerns, and token services that are intended to bring greater security to contactless payments on NFC-enabled Android smartphones. Visa said that as a hosted service, the app is intended to simplify the delivery of a broad array of card management features and provide a roadmap for issuers to rapidly deploy new features and enhancements.


Read the full article here.

US warns banks on cyber threat after Bangladesh heist

U.S. regulators on Tuesday told banks to review cyber-security protections against fraudulent money transfers in the wake of revelations that a hacking group used such messages to steal $81 million from the Bangladesh central bank. The notice from the Fed and other financial regulators came two weeks after the U.S. Federal Bureau of Investigation privately urged banks to look for signs of possible cyber attacks.


Read the full article here.

Payment Application Data Security Standard 3.2 released

The PCI Security Standards Council (PCI SSC) published a new version of its data security standard for payment software, the Payment Application Data Security Standard (PA-DSS) version 3.2. The Payment Application Data Security Standard is used by payment application vendors to ensure their software products will protect payment card data from theft. Merchants and other businesses globally use “PA-DSS Validated” software to ensure they can safely accept payments, both in-store and online.


Read the full article here.

Banking service SWIFT adds new security plan following hacks

Banks use a secure messaging service built by the Society for Worldwide Interbank Financial Telecommunications (SWIFT) to send financial transaction instructions. But recently it hasn’t been so secure: Hackers stole $12 million from Ecuador banks earlier this week, the latest in a slew of thefts. Today, SWIFT released a plan to work with its customers (the banks) to shore up the messaging system’s security.


The plan is rooted in some standard anti-cyber attack strategies: Share information on breach attempts, beef up safety tools and enforce security protocols at all staff levels. While SWIFT’s core business has been passing authenticated messages between banks, the security overhaul includes checking whether those messages are consistent with past activity, much like how banks flag suspicious activity on personal accounts.


But the outline seems more plaintive than commanding, urging SWIFT customers to obey its security protocols rather than requiring adherence to use the service. As SWIFT CEO Gottfried Leibbrandt said in a statement, "While each individual SWIFT customer is responsible for the security of its own environment, the security of global banking can only be ensured collectively."


This year has already seen numerous instances of fraudulent SWIFT requests funneling money into hackers’ dummy accounts. Earlier this month, a Vietnamese bank prevented an attempted heist, while a typo tipped off bank officials to an attempt in Bangladesh back in February — but not before the thieves made off with $81 million. The latter group of hackers has also been connected to SWIFT-breaching attempts in the Philippines and other Southeast Asian countries.


Read the full article here.

Hackers steal $12 million from an Ecuadorian bank via SWIFT

Earlier this week, reports showed another round of SWIFT-related cyber heists, this time targeting banks in Ecuador. A new report in Reuters sheds light on what actually happened to the high-tech thieves’ $12-million loot. Apparently, they moved $9 million to 23 banks in Hong Kong and $3 million to Dubai and other parts of the world. Wells Fargo transferred sums with a total value of $9 million to the accounts of four companies at HSBC and Hang Seng Bank based on authenticated SWIFT transactions. The hackers then distributed the money to what are believed to be phoney business accounts.


Similar to the recent Bangladesh and Vietnam bank attacks, the thieves’ scheme involved the use of the SWIFT messaging platform. Banks use SWIFT’s platform to make financial transfers between each other, and cyber thieves typically send out fraudulent SWIFT messages requesting that funds be routed to dummy accounts.


In Bangladesh Bank’s case, the thieves used the SWIFT credentials of the institution’s employees to request several transfers to accounts overseas. They made off with $80 million, a sum that would have been much larger if they hadn’t misspelled the word "foundation." The hackers could have easily accessed the employees’ credentials, because the bank lacked a proper firewall. It’s not clear if that’s also what happened in Ecuador, but the thieves obviously had the same MO.


Read the full article here.

Up to a dozen banks are reportedly investigating potential SWIFT breaches

More banks have reportedly launched investigations into potential security breaches on their networks after hackers stole US$81 million from the Bangladesh central bank earlier this year through rogue SWIFT transfers. Security firm FireEye, which was hired to investigate the Bangladesh bank attack, was also called in to look for possible compromises at up to 12 additional banks, Bloomberg reported Thursday, citing an unnamed source familiar with the investigations.

Read the full article here.

Philippines bank hit by SWIFT hacking group allegedly linked to North Korea

SWIFT bank hackers have attacked another bank in the Philippines using the same modus operandi as that in the $81 million Bangladesh Bank heist.


Security researchers at Symantec have found evidence that malware used by the hacking group shares code similarities with the malware families used in targeted attacks against South Korean and US government, finance, and media organizations in 2009.


Read the full article here.