Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Banking

THE GROWING THREATS IN THE PAYMENT INDUSTRY

threat concept

Dennis Schwarz, Research Analyst for ASERT at Arbor Networks

As the sophistication of cyber-attacks continues to increase, it has never been more important for organisations to implement the right security. This is especially relevant to the financial services industry, where there is a large amount of sensitive data at risk of falling into the wrong hands.

There are many different threats that affect the financial services industry, but one threat that continues to affect banks and payment providers is UrlZone. This banking trojan started appearing in 2009 and specialises in manipulating the bank balance that victims see when they log into their bank accounts. The malware uses command and control to present the customer with a message stating that the account has been hacked and is frozen. While the victim starts to sort his or her bank balance out, the malware transfers large amounts of money to a cyber-criminal’s account while prompting the victim with a fake balance – leaving the victim completely unaware of what has just happened.

The malware has mostly recently evolved by upgrading its encryption method used to protect the command and control communications between an infected computer and the threat actor’s control panel. Previous versions used simpler mechanisms, but the latest version of this malware uses the Advanced Encryption Standard (AES) in conjunction with a public key algorithm (RSA). This is important because it allows attackers to understand what existing protections are on the device.  Therefore software like Intrusion Detection/Prevention Systems may need to be upgraded to detect the latest version of the malicious traffic.

To prevent this type of attack, consumers need to be cautious when accessing their bank account. If something out of the ordinary happens, they should stop what they are doing. As well as this, by having up to date security software on personal computers and at work, consumers should be able to protect their computers and devices from this type of malware.

By revisiting this threat actor, it is clear that this threat has not gone away even though the press activity around this has faded. Although new threats will continue to steal away this attention, it is important to remain cautious about all types of different malwares, as you could become the next victim.

A more technical analysis of this malware can be seen on Arbor Networks’ blog[1]

[1]https://asert.arbornetworks.com/an-update-on-the-urlzone-banker/

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post