This report details recent cyber threats and attacks specifically targeting the financial sector in South Korea and internationally. It includes the examination of malware, phishing incidents, data breaches, and the latest statistics related to compromised financial institutions. The analysis sheds light on significant threats from the dark web, ransomware incidents, and the implications of these breaches on customer trust and system integrity. Affected: financial institutions, banking sector, social welfare financial programs
Keypoints :
- Recent cyber threats impacting the financial sector analyzed.
- Top 10 malware targeting financial institutions identified.
- Notable phishing cases documented affecting the financial sector.
- Data breach involving Banco ***, a state-owned financial institution in Mexico, sold on BreachForums.
- BASHE ransomware group claims attack on *** Bank in India, with significant data theft.
- DDoS attack by hacktivist group RootDos against *** Bank in Switzerland.
- Emphasis on the need for enhanced security measures, incident response, and customer trust restoration.
MITRE Techniques :
- T1071.001 – Application Layer Protocol: Data exfiltration methods used in ransomware attacks against financial institutions.
- T1496 – Supply Chain Compromise: The data leak from the Mexican state-owned financial institution, compromising user and admin accounts.
- T1531 – Account Access Removal: Threat actors targeting admin panel and user accounts to potentially exploit financial data.
- T1586 – Compromise Infrastructure: Use of BreachForums for selling stolen data.
Indicator of Compromise :
- [MD5] 08f252e085a3596cf93a4c691b56bb27
- [MD5] 14a1ae31013095ccdaf5f347b7c431ce
- [MD5] 1c705a86ac6290caf3b6e557e10681be
- [MD5] 4784cdb680ec01abf231784ffbe9acc2
- [MD5] 55bb5b292dd79a3dd658e1344fd92237
Full Story: https://asec.ahnlab.com/en/86335/
Views: 26