The login credentials for 15 banking sites have purportedly surfaced for sale on the dark web. The alarming revelation about cyberattack on banks comes from a threat actor who claims to have stumbled upon a server belonging to an IT company responsible for maintenance and development.
The asking price for this sensitive information exceeds $10,000, as dictated by the hacker. “According to the rules I’ll set the price: from 10k$,” reads hacker’s post.
What More We Know About Cyberattack on Banks
According to the hacker’s post, in which he disclosed the cyberattack on banks, each bank’s login password is allegedly stored on this compromised server, along with other undisclosed information. The post mentions various tools and resources available on the server, including VPN access and crashftp connections.
The seller invites potential buyers to inquire further via private message, stressing the importance of reputation and deposit for serious inquiries.
This revelation of cyberattacks on bank poses a significant threat to the banking sector, amplifying concerns over cybersecurity in an industry already under siege by malicious actors.
Financial Institutions, A Prime Target of Hackers
Financial institutions worldwide remain prime targets for cyberattacks, with the IBM Cost of a Data Breach Report 2023 highlighting the sector’s vulnerability. Financial organizations faced average losses of US$5.9 million per cyber incident, surpassing the global industry average.
The evolving landscape of cyber threats extends beyond traditional attacks, with recent incidents targeting transaction systems and critical infrastructure. Data breaches and service disruptions continue to plague financial institutions, with leaks accounting for 64% of incidents and disruptions affecting 40% of businesses.
Amid this backdrop, specific incidents in February 2024 have brought the issue of cybersecurity to the forefront. Bank of America disclosed a data breach attributed to a cyberattack on one of its service providers, underscoring the interconnectedness of cybersecurity risks. Similarly, Emirates Investment Bank and African Bank have faced alleged breaches, with hackers claiming unauthorized access to sensitive customer data.
The lack of clarity regarding the extent of these breaches and the motives behind them adds to the uncertainty surrounding cybersecurity in the financial sector.
As the situation unfolds, stakeholders await further details from the affected 15 banks or the alleged hackers. The Cyber Express remains vigilant, monitoring developments and providing updates as new information emerges.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.