

Odinaff is typically used as the first piece in multi-stage attacks on target networks, and Symantec said it bears the mark of the Carbanak gang, a team that is responsible for hundreds of millions of dollars in losses at banks in the last couple of years. The newly discovered group is using a piece of malware known as Odinaff, which researchers at Symantec say has been used to target many financial institutions in recent months. Also, it's worth checking if your mobile provider is doing their part to defend you from SIM swapping.

Security researchers have uncovered evidence that there is a second group of attackers who have been targeting banks in the SWIFT network, using a new Trojan that hides SWIFT message records and overwrites the master boot record of some hard drives. As such, to perform a SIM swap, scammers typically harvest your personal information in order to pass the checks.

Even then, some network providers have lax checks for SIM transfers, which has allowed hackers to easily perform this trick.

Always keep your personal details private to avoid someone stealing your identity. Of course, mobile networks typically ask questions to check if the person requesting the transfer is who they say they are. They can then log in to your account unimpeded and take the money. When they log into your bank account, the bank sends an SMS verification code to their phone rather than yours. Once they have your number on their SIM card, they can circumvent SMS codes easily. This is achievable with a social security number, as we covered in our guide to why 2FA and SMS verification isn't 100% secure. If they're successful, the network provider strips your phone number from your SIM and installs it on the hacker's SIM instead. To do this, they'll often ask for SMS reading privileges during the installation, so they can steal the codes as they come in. Typically, these Trojans also need an SMS verification code to access your account.
These details are then uploaded to the malware author.

If this is done smoothly enough, the user won't notice the swap and will enter their details into the fake login page. When it detects the user launching a banking app, the malware quickly puts up a window that looks identical to the app you just booted up. When you install this app, the Trojan begins to scan your phone for banking apps. These aren't disguised as a bank's official app; they're usually a completely unrelated app with a Trojan installed within. The sneakier version is the mobile banking Trojan.

Replacing a Real Banking App With a Fake One

Once you've downloaded the app, you enter your username and password into it, which is then sent to the hacker. A malware author creates a perfect replica of a bank's app and uploads it to third-party websites. The simpler means of attack is by spoofing an existing banking app.
