Bithumb
June 29, 2017
•[ hack, finance ]
The largest bitcoin and ether exchange in South Korea by volume, Bithumb, is hacked. The losses could be in the billions of won.
ClassicEtherWallet
June 29, 2017
•[ financial, phishing, finance ]
An unknown attacker gains control over the web domain of Classic Ether Wallet, a client-side wallet system for the Ethereum Classic (ETC) cryptocurrency, being able to phish credentials and redirect transactions. Based on reported cases, the hacker might have stolen nearly $300,000.
Undetermined
June 27, 2017
•[ ransomware, malware, finance ]
Threat actors deploy a tool, called NotPetya, with the purpose of encrypting data on victims' machines and rendering it unusable. The malware was spread through tax software that companies and individuals require for filing taxes in Ukraine and spread globally.'Australia, Estonia,'Denmark, Lithuania, Ukraine, the United Kingdom, and the United States issued statements attributing NotPetya to Russian state-sponsored actors.
ATMs in India
June 14, 2017
•[ hack, malware, finance ]
ATMs in India are under attack via Rufus, a Chinese malware targeting cash machines running outdated Windows XP.
BTC-E
June 5, 2017
•[ hack, ddos, finance ]
BTC-E.com, the popular Bitcoin and Litecoin exchange platform is the target of a DDoS Attack.
Russian Central Bank
May 12, 2017
•[ ransomware, malware, finance ]
A threat actor used a tool called WannaCry to encrypt data in compromised networks, and intended to provide the victims with the decryption key only after a ransom had been paid. The threat actors used an exploit, called EternalBlue--first discovered by the U.S. National Security Agency--to propagate WannaCry in organizations using the Windows operating system. The Russian Central Bank detected an attack on its systems, but was able to thwart it.
UK Banks
May 2, 2017
•[ social, phishing, finance ]
DomainTools reveals that hundreds of fake website domains are being used by hackers to mimic some of the most popular banking services in the UK in an attempt to trick victims into handing over personal details and sensitive login credentials.
KCG Holdings
April 23, 2017
•[ insider, espionage, malware ]
The FBI arrests Zhengquan Zhang, a 31-year-old IT engineer, accused of installing malware on his employer's servers to steal proprietary source.
Yapizon
April 22, 2017
•[ hack, financial, finance ]
Yapizon, a South Korean Bitcoin exchange suffers a massive data breach when hackers steal 3,800 Bitcoin (US$5 million) which is 37% of user funds.
Union Bank of India
April 11, 2017
•[ hack, finance ]
North Korean hackers are suspected of attempting to steal $170m from Union Bank of India, back in 2015.
Unnamed Russian bank
April 4, 2017
•[ financial, malware, finance ]
Kaspersky reveals the details of ATMitch, a fileless malware used to steal cash from ATMs. The researchers have only tracked down two incidents where ATMitch was used. The first is in a Russian bank.
Unnamed Brazilian bank
April 4, 2017
•[ hack, phishing, finance ]
Kaspersky reveals that on October 2016, a group of hackers rerouted all the traffic of an unnamed Brazilian bank's customers to perfectly reconstructed fakes of the bank's properties.
Unnamed Kazakh bank
April 4, 2017
•[ financial, malware, finance ]
Kaspersky reveals the details of ATMitch, a fileless malware used to steal cash from ATMs. The researchers have only tracked down two incidents where ATMitch was used. The second is in a Kazakh bank.
Master Deeds
March 14, 2017
•[ leak, misconfiguration, finance ]
In March 2017, a 27GB database backup file named "Master Deeds" was sent to HIBP by a supporter of the project. Upon detailed analysis later that year, the file was found to contain the personal data of tens of millions of living and deceased South African residents. The data included extensive personal attributes such as names, addresses, ethnicities, genders, birth dates, government issued personal identification numbers and 2.2 million email addresses. At the time of publishing, it's alleged the data was sourced from Dracore Data Sciences (Dracore is yet to publicly confirm or deny the data was sourced from their systems). On 18 October 2017, the file was found to have been published to a publicly accessible web server where it was located at the root of an IP address with directory listing enabled. The file was dated 8 April 2015.
Verifone
March 7, 2017
•[ hack, finance ]
Credit and debit card payments giant Verifone investigates a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions.
Bitfinex
February 22, 2017
•[ hack, ddos, finance ]
Top Bitcoin trading platform Bitfinex is hit by a "severe DDoS attack."
Zcoin
February 17, 2017
•[ hack, misconfiguration, finance ]
A simple one-digit typo within the source code of a cryptocurrency called Zcoin has allowed a hacker to make a profit of over $400,000 worth of cryptocurrency.
Hitachi Payment Services
February 9, 2017
•[ hack, malware, finance ]
Hitachi Payments Services confirms that its systems were compromised by a sophisticated malware in mid-2016, that led to one of the biggest cyber security breaches in the country with 3.2 million cards affected.
Email accounts of Irish solicitors
February 5, 2017
•[ financial, hack, finance ]
The Sunday Independent reveals that cybercriminals are hacking the email accounts of Irish solicitors in an attempt to steal tens of thousands of euro from unsuspecting home buyers.
Hong Kong securities brokers
January 26, 2017
•[ hack, ddos, finance ]
Hong Kong's securities regulator says that brokers in the city have suffered major DDoS cyber attacks and warns of possible further incidents across the industry.
