The data of approximately 30,000 customers of Australia’s four largest banks was stolen using malware installed on mobile phones and personal computers.

Hackers breached the security of the four banks without the institutions noticing their intrusion, and then dumped this information on dark web forums, according to cybersecurity firm Dvuln.

The specialized firm has indicated that “the breaches affect approximately 14,000 Commonwealth Bank customers, 7,000 ANZ customers, 5,000 NAB customers, and 4,000 Westpac customers. The data was collected over a period of at least four years through malware campaigns targeting personal devices.”

On the other hand, it has emphasized that this is not a breach in the banks’ security systems, “but rather individual infections of users’ phones and computers” using infostealer-type malware.

According to the intelligence firm KELA, “more than 3.9 billion passwords have been stolen using this type of malware globally.”

Experts from KELA and Dvuln have emphasized the need to increase protective measures not only by users, “but also by software developers, governments, and financial institutions, which must adopt more aggressive digital defense strategies.”

M.Pino

Source: diariobitcoin

(Reference image: Mika Baumeister on Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Hackers stole banking data of at least 30,000 users in Australia apareció primero en Bitfinance.

Through a statement from the AT&T company, issued this Saturday, it was learned about the leak to the dark web of personal data of 73 million account holders in the United States.

An investigation has been initiated for this event that occurred approximately two weeks ago, but preliminary data indicates that the data leak includes information on the Social Security numbers of the holders.

Preliminarily, the company has indicated that they did not receive an alert of unauthorized access to their system. In addition, it emphasizes that the publication of information on the dark web does not include financial data “or specific details about call history.”

According to AT&T, “the breach shows that approximately 7.6 million current account holders and 65.4 million former account holders were affected.”

The first measure in response to the event has been to contact customers and ask them to reset their account passwords and remain alert to “changes in their accounts or credit reports.”

M.Pino

Source: CNN

(Reference image source: Shahadat Rahman en Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada AT&T investigates leak of personal data of 73 million customers in the United States apareció primero en Bitfinance.

In an operation carried out by the Spanish National Police in Alicante, a Venezuelan citizen was arrested as the leader of the financial apparatus of the ‘Kelvin Security’, one of the most prominent hacker groups worldwide. This group has perpetrated more than 300 high-profile attacks in the last three years, mainly targeting strategic sectors in more than 90 countries.

The primary targets of the ‘Kelvin Security’, according to authorities, include critical infrastructure and government entities. In addition to Spain, its actions have been directed to countries such as the United States, Germany, Italy, Argentina, Chile and Japan.

The group’s tactic is to exploit vulnerabilities in strategic entities to obtain access credentials and extract confidential information. They then sell this data on criminal forums on the dark web, a part of the internet that allows users to hide their identity and location.

The Venezuelan man arrested faces charges of membership in a criminal organization, disclosure of secrets, computer damage and money laundering. He is considered to be the main person responsible for laundering the money obtained from the hacktivist group’s criminal activities, and operated mainly through the exchange of cryptocurrencies.

The investigation began two years ago, following sophisticated cyber-attacks on the computer systems of the municipalities of Getafe and Camas in Spain. Cyber-investigation experts linked the attacks to the ‘Kelvin Security’ group, which operated clandestine cybercrime forums on the dark web.

The group exploited vulnerabilities in websites, software and information storage services to massively extract sensitive data from institutions and entities in strategic sectors around the world. The last known attack took place in November 2023, when they managed to exfiltrate a database with confidential information of more than 85,000 customers of an energy company.

K. Tovar

Source: Bancaynegocios

(Reference image source: Kevin Ku, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Venezuelan arrested in Spain for cybercrimes apareció primero en Bitfinance.

WormGPT has a specific purpose since it was created: to help cybercriminals gain access to the network and commit their crimes.

It is a ChatGPT-type chatbot, aided by advances in artificial intelligence, and which allows hackers to violate the security of Internet users in a very sophisticated way.

“Access to the program is being sold on deep web forums and confirms the ability of the AI ​​for malicious purposes as well.” The chatbot was “dissected by SlashNext” and developed using open source GPT-J with custom modules similar to ChatGPT. However, it is a more powerful chatbot that can be easily used to generate malicious code. The result is more dangerous cyberattacks.

The cases of spam, fake news and deepfakes are a trifle before the WormGPT that “allows you to write malware in Python code and offers specific help for cybercriminals.”

Its features include “unlimited character support, chat memory retention, and code formatting capabilities. Its training includes the ability to handle multiple data sources, particularly those linked to malware. Those who use this chatbot have the ability to attack personal or corporate emails, automatically create fake emails that are difficult to detect, thus ensuring success in the attack.

“In the forums where this development is publicized, it is also shown how to manipulate interfaces such as ChatGPT to generate results that could imply the disclosure of confidential information, the production of inappropriate content or the execution of malicious code.”

M.Pino

Source: Muycomputer

(Reference main image source: Mohamed Nohassi, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada ChatGPT also has a dark side and it is WormGPT apareció primero en Bitfinance.

The Taiwanese manufacturer of computers and IT components Gigabyte was the victim this weekend of a cyberattack of ransomware that allowed criminals to seize 112GB of company data, although its operations have not been affected.

As confirmed by the company itself, the cyberattack took place on Friday and allowed hackers to access a small number of the Asian manufacturer’s servers related to internal activities.

After warning the irregular access to its servers on Friday, Gigabyte claims to have activated the security mechanisms, shutting down its systems and notified the authorities about the cyberattack.

On the same Friday, Gigabyte resumed normal internal activities. The production of computers and components such as graphics cards and cards, sales and day-to-day activities have not been affected, according to the company.

The cyber attack is the work of the cybercriminal group RansomEXX, specialized in ransomware, which would have allowed its authors to obtain 112GB of company data that they now threaten to publish on the Dark Web.

Source: dpa

La entrada Gigabyte suffers massive attack against its servers apareció primero en Bitfinance.

In recent times, there have been numerous attacks that have occurred on the network and this time it was the turn of the computer company Acer, which suffered a ransomware cyberattack, the same virus that affected SEPE systems approximately two weeks ago.

During the hack, cybercriminals managed to leak information from the Taiwanese firm, such as bank balance sheets and financial sheets. According to local media Bleeping Computer, the attackers are trading with these files on the Dark Web, a common practice that serves as a measure of pressure on victims to accept payments for the requested ransom.

Its extortion method is characterized by its “great evasion capacity and the large number of measures it takes to avoid being detected by antivirus engines“, as specified by the aforementioned media.

According to the conversations between Acer and the group of attackers, which began on March 14, there was talk of a request for 50 million dollars in exchange for the software necessary to decrypt the information, an analysis of the vulnerability used to enter in the systems and the elimination of the leaked data.

Given the recent attacks carried out on numerous companies in these times of pandemic, Josep Albors, head of research and awareness at the cybersecurity company ESET, reported that in recent months “we are seeing how the attacks using ransomware are less massive and they are more directed against specific objectives with more economic capacity” and although the cases are not greater, large profits can be generated.

K. Villarroel

Source: abc

La entrada Acer should have to pay $50 million after suffering a cyberattack apareció primero en Bitfinance.

Internet users have recently reported that cybercriminals are offering alleged coronavirus vaccines traded in cryptocurrencies.

The threat detection company ESET is analyzing this type of phenomenon with respect to the sale of this input within the dark web.

Through a statement, the firm highlighted that within the web markets there are different types of vaccine offers, valued between 300 and 500 dollars in cryptocurrencies.

The company indicated that while most of these items are aimed at the European and North American market, the items may be in demand around the world.

On the other hand, there is a scam in a supposedly varied offer in terms of the clinical laboratory that would produce the drug.

“These offers are mostly advertised as for personal use, appealing to the delays in the distribution times of the vaccine, although these products can also be found for ‘wholesale’ sale, with ads for batches of 10 vaccines against COVID-19 for resale in other markets on the Internet or clandestinely off the web”, he pointed out.

ESET indicated that cybercriminals add credibility to these ads using traditional social engineering methods: they publish from the profile of a seller who has a positive and solid reputation on the platform.

K. Tovar

Source: Cobertura360

La entrada COVID-19 vaccine scams reported by Internet users apareció primero en Bitfinance.