Finance Report: Who Targets Financial Institutions?
Feb. 21, 2025, 3:30 p.m.
Description
This report provides an overview of key cybercrime and state-sponsored threat actors targeting the financial sector in 2024. It highlights the critical role of Initial Access Brokers in enabling large-scale attacks, the persistent threat of ransomware and extortion groups, and the increasing sophistication of banking malware campaigns. The report also examines the rise of Phishing-as-a-Service models and their impact on financial institutions. Additionally, it explores state-sponsored Advanced Persistent Threats (APTs) targeting the sector, including North Korean groups focused on bypassing sanctions, and the growing collaboration between APTs and cybercriminal operators. The analysis covers the actors' motivations, victimology, infection vectors, and tools used in their campaigns against financial entities.
Tags
Date
- Created: Feb. 20, 2025, 8:48 p.m.
- Published: Feb. 20, 2025, 8:48 p.m.
- Modified: Feb. 21, 2025, 3:30 p.m.
Attack Patterns
- TraderTraitor
- Tycoon 2FA
- GoldDiggerPlus
- GoldDigger
- GoldKefu
- Sneaky 2FA
- EDRKillShifter
- RansomHub
- JSOutProx
- GoldPickaxe
- RustBucket
- CatB
- T1589
- T1588
- T1587
- T1608
- T1110
- T1583
- T1087
- T1590
- T1486
- T1518
- T1047
- T1499
- T1204
- T1027
- T1584
- T1566
- T1190
- T1133
- T1078
- T1059
Additional Informations
- Technology
- Healthcare
- Energy
- Defense
- Finance
- Government
- British Indian Ocean Territory
- Iran, Islamic Republic of
- India
- Taiwan
- Saudi Arabia
- China
- Thailand
- Japan
- Ukraine
- Israel
- Brazil
- United States of America
- Russian Federation