Hackers Target Ukrainian Bank, Steal $10 Mil over SWIFT. From NewsBTC.
The banks now have an urgent need for blockchain based fund transfer solutions, as the conventional systems are being frequently compromised. The SWIFT network, which is widely used by the banks across the world for electronic fund transfers has been affected by multiple hacking attacks till date, resulting in huge loss of funds. After the recent hacking incident where hackers stole money belonging to the Central Bank of Bangladesh from US Federal Reserve, a Ukrainian bank has become the target of hackers. According to reports, an unnamed Ukrainian bank has lost about $10 million after the hackers gained entry into the bank’s computer systems. The money was then transferred from the bank to offshore accounts using SWIFT’s inter-bank transfer system.
North Korea Linked With Hacks Stealing From Banks. From US News And World Report. Network security researchers have linked cyber attacks that stole millions of dollars from Asian banks to hacking incidents attributed to North Korea, raising questions as to whether the cash-strapped hermit kingdom is seeking new ways to replenish its coffers.
Did the Clinton Email Server Have an Internet-Based Printer?. From Krebs On Security. The Associated Press today points to a remarkable footnote in a recent State Department inspector general report on the Hillary Clinton email scandal: The mail was managed from the vanity domain “clintonemail.com.” But here’s a potentially more explosive finding: A review of the historic domain registration records for that domain indicates that whoever built the private email server for the Clintons also had the not-so-bright idea of connecting it to an Internet-based printer.
- Malware attacks on two banks have links with 2014 Sony Pictures hack. From CSO Online. Bangladesh Bank, a commercial bank in Vietnam and Sony Pictures are the unlikely bedfellows in a tale of cyber intrigue uncovered by security researchers at BAE Systems. Researchers Sergei Shevchenko and Adrian Nish have found some links between malware involved in the 2014 attack on Sony Pictures and attacks on two banks involving the theft of credentials for the SWIFT financial transfer network.
- How Israel is turning part of the Negev Desert into a cyber-city. From Washington Post. Here in the middle of the Negev Desert, a cyber-city is rising to cement Israel’s place as a major digital power. The new development, an outcropping of glass and steel, will concentrate some of the country’s top talent from the military, academia and business in an area of just a few square miles. No other country is so purposefully integrating its private, scholarly, government and military cyber-expertise.
Vietnam bank says interrupted cyber heist using SWIFT messaging. From Reuters. Vietnam’s Tien Phong Bank said that it interrupted an attempted cyber heist that involved the use of fraudulent SWIFT messages, the same technique at the heart of February’s massive theft from the Bangladesh central bank. Hanoi-based TPBank said in a statement late on Sunday in response to inquiries from Reuters that in the fourth quarter of last year it identified suspicious requests through fraudulent SWIFT messages to transfer more than 1 million euros ($1.1 million) of funds.
This 1 Simple Equation Describes Cybersecurity in a Nutshell. From Fortune. How do you calculate risk? It’s simple, according to Michael Hayden, former head of the U.S. National Security Agency and later the Central Intelligence Agency. The ex-spy boss boiled the concept down to its basics at a computer security conference earlier this week. Here’s the formula he presented on a slide: Risk = threat x vulnerability x consequence
New York Fed defends fund transfer after Bangladesh heist. From Reuters. After an $81 million cyber heist at the Bangladesh central bank, the Federal Reserve Bank of New York said there was no problem with its procedures for approving fund transfers, according to a letter released on Friday by a U.S. lawmaker who had questioned those methods. U.S. Representative Carolyn Maloney had called for a probe of the fund transfers triggered by the February cyber attack on the Bangladesh central bank.
If you use Waze, hackers can stalk you. From Fusion.net. Researchers at the University of California-Santa Barbara recently discovered a Waze vulnerability that allowed them to create thousands of “ghost drivers” that can monitor the drivers around them—an exploit that could be used to track Waze users in real-time. They proved it to me by tracking my own movements around San Francisco and Las Vegas over a three-day period.
- Meet the malware that screwed a Bangladeshi bank out of $81m. From The Register. February’s hack against Bangladesh’s central bank that netted $81m in diverted funds is one of the biggest cyber heists of all time. Now researchers think they’ve found the malware that did it. A sample of the software nasty was obtained by researchers at defense contractors BAE Systems. The malware appears to have been custom built to use the global SWIFT (Society for Worldwide Interbank Financial Telecommunication) system and its Alliance Access backend.
- RuMMS Android Malware Attacks via SMS Spam, Steals Money from Bank Accounts. From Softpedia. Security researchers have discovered a new Android malware family that’s being spread using SMS spam messages and has been secretly stealing money from victims’ bank accounts after infecting their devices. At the time of writing, this malware family which FireEye researchers have named RuMMS has targeted only users living in Russia. The first infections hit users on January 18 and have continued until late April.
- National Infrastructure Attacks Mark Ominous Milestone for Cyber Security From InfoSecurity Magazine. Hundreds of thousands of homes across western Ukraine were suddenly left without power last December after a massive blackout. Though power was eventually restored, this event should serve as a wake up call for governments around the world, not just because of the severity, but due to the cause .
- Amazon force-resets some account passwords, citing password leak. From ZDNet. Amazon has force-reset an unknown number of accounts, after passwords may have been compromised. A number of readers told ZDNet they received an email from Amazon saying the company has reset their account password. The message was also sent to their account message center on Amazon.com, and Amazon.co.uk, confirming the message is genuine.