Phil Muncaster reports: A bug in SWIFT banking software may have been exploited to allow hackers to make off with $81 million from Bangladesh’s central bank in February, according to reports. Investigators at British defense contractor BAE Systems told Reuters that the malware in question, evtdiag.exe, had been designed to change code in SWIFT’s Access…
Category: Financial Sector
JPMorgan Hack Case Nets Dad Accused in Bitcoin Bribery Plot
Patricia Hurtado and David Voreacos report: Federal prosecutors broadened a case linked to what the U.S. called a multiyear criminal enterprise centering on hacks of publishing and financial firms including JPMorgan Chase & Co., according to court records in Manhattan. […] In a revised indictment, Anthony Murgio and his co-conspirators are accused of knowingly exchanging…
Failed blackmail nets ex-Leumi Card employee 11 years in jail
Gur Megiddo reports a follow-up on an insider breach that occurred in 2014 and was previously covered here and here: A former Leumi Card employee convicted of stealing information from the credit card company’s database as a precursor to blackmail has been sentenced to 11 years in prison. Eliran Rosnis admitted the charges against him…
Flaws in Worldpay’s Merchant Portal Allow Attackers to Modify Payment Forms
Catalin Cimpanu reports: Vulnerabilities known as IODR (Insecure Direct Object References) were found and fixed in Worldpay, an online secure payments platform, security researcher Randy Westergren reports. An IODR vulnerability is when users have access to information they should not see, either because it belongs to another user or originates from an account with higher privileges. In…
Lessons from the Olympus Mortgage vs. Guaranteed Rate Case
Craig Nazarro of Baker Donelson writes about an insider breach case previously covered on this blog: Late last month a jury awarded Mount Olympus Mortgage Company (MOMC) more than $25 million for their claims against Guaranteed Rate (Guaranteed), which alleged Guaranteed along with other former employees of MOMC illegally transferred hundreds of loan files from…
Russian hacker group targetting largest EU banks
SC Magazine reports: The Russian government has begun working with Russia’s Central Bank to develop a package of measures aimed at fighting Buhtrap, the recently discovered hacker group, which, to date, has stolen around RUB 4 billion (£42 million) from Russian and Western banks, and is reportedly planning further attacks on the EU banking system….