Articles about banking security

Mobile banking, image via Shutterstock

Realistic Brits want at least 3 security steps on bank accounts

Three in five Brits reckon that fewer than three security steps – including passwords, card readers or letters from a memorable word – are insufficient to assure their bank account is secure and not accessible by other people. The online survey, conducted by YouGov and sponsored by credit reference agency Equifax, found just …
John Leyden, 8 May 2017
theft

After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts

Experts have been warning for years about security blunders in the Signaling System 7 protocol – the magic glue used by cellphone networks to communicate with each other. These shortcomings can be potentially abused to, for example, redirect people's calls and text messages to miscreants' devices. Now we've seen the first case …
Iain Thomson, 3 May 2017

How's your online bank security looking? The Dutch studied theirs and... yeah, not great

The Dutch banking industry is doing a terrible job of online security, according to the company that runs the country's .nl internet domains. In a new report published Tuesday, the internet registry SIDN was surprised to find that just six per cent of banks using .nl internet addresses have the security protocol DNSSEC in …
Kieren McCarthy, 22 Feb 2017

Hackers steal millions from ATMs using 'just their smartphones'

Authorities in Taiwan are trying to work out how hackers managed to trick a network of bank ATMs into spitting out millions. Police suspect that two Russian nationals wearing masks cashed out dozens of ATMs operated by Taiwan's First Bank on Sunday and left the country the following day. The crooks stole an estimated T$70m ($2 …
John Leyden, 15 Jul 2016
Bank vault

BAE Systems partners with SWIFT to bolster hacker intel

BAE Systems has been recruited to help SWIFT's newly formed Customer Service Intelligence team in a bid to get ahead of cyber-criminals targeting banks connected to the global financial messaging service. The announcement follows the analysis and identification of malware that BAE Systems’ threat intelligence team was able to …
John Leyden, 15 Jul 2016
Upset man in suit and drinking liquor. Photo by Shutterstock

Hackers targeting SWIFT banks also targeted US moneymen: Hedge funds at risk

The Lazarus Group of hackers, blamed for a recent run of attacks against mainly Asian banks linked through the SWIFT network, is now suspected of targeting a mid-market US bank. Evidence uncovered by threat detection firm eSentire suggests that the Lazarus crew (which is also the chief suspect in the 2014 Sony Pictures hack) …
John Leyden, 13 Jun 2016

Recycled malware code 'links' SWIFT bank heist to Sony ransackers

Five additional pieces of malware suggest there is a stronger tie between North Korea's Lazarus Group of hackers and last month's run of cyber-attacks on banks. A study by Anomali Labs' senior security researcher Aaron Shelmire expands upon Symantec's earlier findings. According to Symantec, two pieces of malware were used to …
John Leyden, 2 Jun 2016
Taylor Swift

Inter-bank system SWIFT on security? User manual needs 'revamp’

Updated Inter-banking messaging systems SWIFT’s security guidelines are "outdated and incomplete". The criticism from security vendor Skyport Systems comes days after SWIFT revealed that a second bank had fallen victim to credential theft fraud, creating yet further concern already fuelled by February’s $81m Bangladesh reserve bank …
John Leyden, 16 May 2016
Bank vault

Yet another SE Asia bank hit by a SWIFT credentials hack

Cybercrooks have once again broken into the SWIFT financial transaction network and stolen money from another bank. The breach – victim and amount looted undisclosed – comes as the fallout from February’s $81m Bangladesh reserve bank cyber-heist continues to spread. The second robbery was uncovered by investigators looking …
John Leyden, 13 May 2016
US cashpoint. Pic: Tax Credits

Romanian cops bust ATM 'jackpot' cash-grab suspects in EU-wide op

Romanian cops have taken down a suspected ATM gang that used malware to trick machines into disgorging their cash contents. This operation, billed as one of the first of its kind in Europe, resulted in multiple house searches in Romania and the Republic of Moldova and the arrest of eight individuals. Police reckon the alleged …
John Leyden, 8 Jan 2016

9 cuffed over £60 million banking scam targeting UK businesses

Nine people have been arrested in the UK over an alleged £60m fraud targeting business banking customers. The gang targeted business banking customers, tricking prospective marks into handing over confidential information over the phone while posing as bank employees. The voice-based phishing scam was disguised by using …
John Leyden, 23 Oct 2015
Chip-and-PIN Tetris hack

Chip and SKIM: How dodgy crypto can leave shoppers open to fraud

UK academics today describe how criminals can forge chip-and-PIN card transactions and spend other people's money for free. The team of University of Cambridge experts say their technique exploits a cryptographic weakness in some devices implementing the EMV (aka chip'n'PIN) standard. And they're confident they've found a …
John Leyden, 19 May 2014
A boat full of Fail

Phisherman's friend: Confused hacktivists deface FAKE BANK SITE

Anon hackers have been caught boasting about defacing a counterfeit Yorkshire Bank website. Hacktivist crew Anon Ghost earned coverage on underground security blogs for defacing “Yorkshire Bank, one of the largest United Kingdom bank (sic)”. However, the hackers actually hit "ybs-bank.com", a Malaysian imitation of the real …
John Leyden, 6 Mar 2014
Orange Credit Card

Infosec bods scorn card-swiping Coin over security fears

All-in-one digital payments start-up Coin has issued a robust defence of its technology following criticism from an infosec firm. Coin offers a single combined credit/debit/loyalty/store card that's paired with a user's mobile phone. The Coin app requires that you take a picture of the front and back of the card, type in your …
John Leyden, 18 Nov 2013

Easily picked CD-ROM drive locks let Mexican banditos nick ATM cash

Lax security at Mexican banks has allowed cybercriminals to put their own malware-ridden CDs into ATM machines in order to gain control of the easily-compromised cash machines. The Ploutus malware was installed after "criminals acquired access to the ATM’s CD-ROM drive and inserted a new boot CD into it". The ruse was possible …
John Leyden, 11 Oct 2013
SOURCE: http://www.sxc.hu/photo/959469

'Bogus IT guys' slurp £1.3m from Barclays: Cybercops cuff 8 blokes

UK police have arrested eight men after a gang fitted remote-control hardware to a Barclays bank branch computer and stole £1.3m. Money was slurped from the bank after crooks hooked up a KVM (keyboard, video and mouse) switch and 3G dongle to a terminal in the branch, officers said. The suspects, aged between 24 and 47, were …
John Leyden, 20 Sep 2013
money_yen_dollar_pound

Leaked docs: NSA 'Follow the money' team slurped BANK records, CREDIT CARD data

The NSA doesn't only hoover up your emails, web surfing habits and phone call metadata – they also harvest your credit card records and banking transactions. The latest leaks from whistleblower Edward Snowden reveal that the NSA is monitoring international banking and credit card transactions that pass through the Society for …
John Leyden, 18 Sep 2013
The Register breaking news

Camby cash crypto-coders Cronto chomped on pronto by Vasco

Swiss software firm Vasco has bought Cambridge-based banking security specialist Cronto in a deal valued at up to £14.5m. Vasco will pay $19.3m (€15m, £12.7m), and a further $2.6m (€2m, £1.8m) depending on future earnings, to get its hands on the British upstart's malware-defeating technology. Its software attempts to shield …
John Leyden, 22 May 2013

Create a news alert about banking security, or find more stories about banking security.

Biting the hand that feeds IT © 1998–2018