Entries with tag us banks.

Hackers Target Large Banks

Several large US banks were attacked by hackers who appear to have used malware and a zero-day vulnerability to infiltrate networks and obtain corporate and customer data. At least five banks—only JP Morgan Chase was identified—were involved in the attacks, in which cybercriminals stole “gigabytes of customer data,” according to the anonymous sources cited by news outlets. However, it is unclear whether they took credit card or other account information. The fact that there have been no reports of money moved from accounts indicates the attack was politically motivated, according to a US government source. The US FBI, Secret Service, and National Security Agency are investigating the breaches. Initial investigations indicate the attacks were routed through computers in Latin America from servers that Russian hackers are known to use. Security vendor Trend Micro reported an uptick in attacks on US and European banks since 24 July 2014 from computers whose IP addresses appear to be in former Soviet bloc countries. JP Morgan Chase spokesperson Brian Marchiony declined comment on the recent incidents, saying only, “Companies of our size unfortunately experience cyberattacks nearly every day. We have multiple layers of defense to counteract threats and constantly monitor fraud levels.” In April, JPMorgan Chase CEO Jamie Dimon said the company was increasing its annual expenditures on security by 25 percent—to $250 million—compared to 2013. (CNN Money)(re/Code)(Bloomberg)

Study: Closed US Bank Websites Abused

Websites that were once used by US banks for customer service have fallen into the hands of cybercriminals, spammers, and virus writers, according to a newly released study. The sites’ domains became available primarily when banks declined to renew them, or the institutions were purchased or closed, according to the study by Southern Methodist University and the University of Cambridge. An estimated 3,200 US banks have shut down in the last 10 years. Hackers are using the former sites of about 1,000 of them to exploiting their residual good reputation to distribute spam or malware, or skew search results. Hackers have even used some as fake online pharmacies or to promote porn sites. To prevent this abuse, the researchers say, banking regulators should police abandoned domains and require failed banks to place their domains in escrow accounts as part of the closure process. (BBC)(University of Cambridge)

Showing 2 results.