Individual in Austria
January 26, 2025
•[ financial, phishing, finance ]
Eine Sdoststeirerin hat sich im Jnner an die Polizei gewandt, nachdem sie vermutet hatte, Opfer eines Phishing-Betrugs geworden zu sein. Sie fiel einem Link in einer SMS zum Opfer, eine Betrgerbande behob daraufhin Geld von ihrem Konto. Die Polizei verffentlichte nun Fotos der mutmalichen Betrger aus Wien.
Phemex
January 23, 2025
•[ financial, hack, finance ]
Singapore-based cryptocurrency platform Phemex is forced to pause some of its operations after a suspected cyberattack led to the theft of more than $85 million in digital coins.
Zürcher Kantonalbank (ZKB)
January 21, 2025
•[ hack, ddos, finance ]
Erneut hat die Hackergruppe NoName aus Russland eine Reihe von Schweizer Websites mit DDoS-Attacken lahmgelegt. Der Zeitpunkt der Angriffe hat wohl vor allem mit der Durchfhrung des WEF zu tun.
Multiple organizations in the Crypto Space
January 15, 2025
•[ espionage, financial, finance ]
Researchers at SecurityScorecard uncovered Operation 99, a campaign by the Lazarus Group, North Koreas state-sponsored hacking unit, targeting software developers looking for freelance Web3 and cryptocurrency work.
The Idols NFT
January 15, 2025
•[ financial, hack, finance ]
The Idols NFT contract on Ethereum suffers an exploit resulting in a loss of approximately $340K.
Bank of America
January 10, 2025
•[ leak, finance ]
Bank of America notifies 414 individuals that their names, addresses, phone numbers, passport numbers, Social Security numbers, and their mortgage load numbers might have been compromised in a data breach at an unnamed third-party provider.
Orange Finances
January 8, 2025
•[ financial, hack, finance ]
Orange Finances announces that a threat actor compromised the admin address, upgraded contracts, and transferred funds to their wallet for an estimated loss of more than $840K.
Moby Trade
January 8, 2025
•[ financial, hack, finance ]
Moby Trade is the victim of a $2.5 million hack exploiting a compromised private key. However, a mistake by the attacker allows a whitehat to steal $1.5 million back and return it to the protocol.
Habib Bank Limited
January 1, 2025
•[ hack, finance ]
hacked
Federal Board of Revenue
January 1, 2025
•[ hack, finance ]
hacked
Resona Bank
January 1, 2025
•[ hack, ddos, finance ]
Osaka-based Resona Bank says a DDoS attack resulted in a network malfunction and impacted the functioning of its customer-facing My Gate application. The parent company Resona Holdings confirms the incident temporarily disrupted services at other company-owned banks, including Minato Bank, Kansai Mirai Bank and Saitama Resona Bank.
Mizuho Bank
January 1, 2025
•[ financial, hack, ddos ]
Mizuho Bank, Japan's third largest financial company, suffers a denial-of-service attack that disrupts online banking services for three hours.
Italian banks
January 1, 2025
•[ hack, ddos, finance ]
Pro-Russia threat actors from Noname057(16) target again Italian ministries, institutions, critical infrastructures websites and private organizations in coincidence with the visit of Ukrainian President Volodymyr Zelensky to Italy.
Mitsubishi UFJ Financial Group (MUFG Bank)
January 1, 2025
•[ ddos, finance ]
MUFG faced a temporary outage in internet banking services, which was later attributed to a suspected distributed denial-of-service (DDoS) attack.
Fondo Genesis (MetLife)
December 31, 2024
•[ ransomware, malware, finance ]
The ransomware group RansomHub claims responsibility for a breach of MetLife's operations in Latin America. MetLife denies the allegations, acknowledging a separate cyber incident involving Fondo Genesis, a subsidiary operating solely in Ecuador. Claims to have exfiltrated 1TB of data.
Trusteed Plans Service Corporation
December 26, 2024
•[ leak, finance ]
TPSC detected a breach on 12/26/2024; investigation found unauthorized access and data acquisition. A data review completed 08/07/2025 identified 19,775 impacted individuals. Notices sent 09/1509/16/2025 detail exposure of PII/PHI (DOB, SSN, health info; sometimes insurance IDs). No outage or misuse evidence reported.
Crown Mortgage Company
December 20, 2024
•[ ransomware, finance ]
Unauthorized access was discovered on Dec 20, 2024, at Crown Mortgage Company, exposing customer names and Social Security numbers. Breach notifications were sent on Jan 2, 2025, and the company offered 24 months of identity monitoring. A ransomware group has claimed responsibility, but this remains unconfirmed.
"Tony" (undisclosed crypto investor)
December 18, 2024
•[ social, phishing, finance ]
A scammer impersonating Google manages to phish 45 bitcoins approximately $4,725,000 at todays value from Tony, a 42-year-old professional from northern California.
Individuals in South Korea
December 11, 2024
•[ financial, phishing, finance ]
A South Korean law enforcement operation, dubbed Operation Midas, and carried out by the Korean Financial Security Institute (K-FSI), takes down a large-scale fraud network that extorted $6.3m from victims with fake online trading platforms.
Mortgage Investors Group
December 11, 2024
•[ ransomware, malware, finance ]
Mortgage Investors Group (MIG), one of the largest mortgage lenders in the Southeast U.S. says it suffered a cybersecurity incident last month that exposed troves of customer information. The Black Basta ransomware group claims responsibility for the attack.
