Tag: financial sector

7 Attack Reports | 0 Vulnerabilities

Attack reports

Gh0st RAT-based GodRAT attacks financial organizations

A newly identified Remote Access Trojan named GodRAT, based on the Gh0st RAT codebase, has been targeting financial firms since September 2024. The attackers distribute malicious .scr files via Skype, using steganography to embed shellcode in images. GodRAT supports plugins and is used alongside br…
steganography
asyncrat
gh0st rat
financial-sector
2025-08-19
skype
password-stealer
awesomepuppet
ms edge password stealer
godrat
chrome password stealer
Published: August 19, 2025
Downloadable IOCs: 0

June 2025 Security Issues in Korean & Global Financial Sector

This comprehensive analysis covers cyber threats and security issues affecting financial companies in South Korea and globally. It examines malware and phishing cases targeting the financial sector, including the top 10 malware strains and leaked Korean account statistics on Telegram. The report de…
phishing
ransomware
data breach
financial sector
cybercrime forums
account takeover
dark web
2025-07-16
database leak
digital payments
everest
Published: July 16, 2025
Downloadable IOCs: 0

Cybercriminals Abuse Open-Source Tools To Target Africa's Financial Sector

A series of attacks targeting financial organizations across Africa has been observed since July 2023. The threat actor, tracked as CL-CRI-1014, uses open-source and publicly available tools like PoshC2, Chisel, and Classroom Spy to establish attack frameworks, create tunnels for network communicat…
lateral movement
poshc2
financial sector
chisel
2025-06-26
Published: June 26, 2025
Downloadable IOCs: 32

March 2025 Security Issues in Korean & Global Financial Sector

This analysis covers cyber threats and security issues in the financial industry, focusing on South Korea and global incidents. It examines malware and phishing cases, lists top malware strains, and provides statistics on leaked Korean accounts. The report delves into major financial threats on the…
phishing
2025-04-08
financial-sector
database-leak
Published: April 8, 2025
Downloadable IOCs: 2

Finance Report: Who Targets Financial Institutions?

This report provides an overview of key cybercrime and state-sponsored threat actors targeting the financial sector in 2024. It highlights the critical role of Initial Access Brokers in enabling large-scale attacks, the persistent threat of ransomware and extortion groups, and the increasing sophis…
apt
phishing
ransomware
cybercrime
ransomhub
edrkillshifter
rustbucket
goldpickaxe
financial sector
2025-02-20
catb
initial access brokers
jsoutprox
tradertraitor
golddigger
state-sponsored threats
goldkefu
tycoon 2fa
banking trojans
sneaky 2fa
golddiggerplus
Published: February 20, 2025
Downloadable IOCs: 0

Financially Motivated Threat Actor Leveraged Google Docs and Weebly Services

A phishing campaign targeting telecommunications and financial sectors was identified in late October 2024. The attackers used Google Docs to deliver phishing links, redirecting victims to fake login pages hosted on Weebly. This method bypassed standard email filters and endpoint protections by lev…
phishing
mfa bypass
sim swapping
financial sector
2024-11-27
google docs
telecom
tracking tools
weebly
Published: November 27, 2024
Downloadable IOCs: 35

LUNAR SPIDER Enabling Ransomware Attacks on Financial Sector with Brute Ratel C4 and Latrodectus

LUNAR SPIDER, a Russian-speaking financially motivated threat group, has resumed operations following law enforcement disruptions. They've shifted from using IcedID to leveraging Latrodectus and Brute Ratel C4 malware, targeting financial services through SEO poisoning malvertising campaigns. The g…
ransomware
malvertising
seo poisoning
icedid
latrodectus
2024-10-31
brute ratel c4
financial sector
infrastructure sharing
Published: October 31, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports