Official forum for Utopia Community
You are not logged in.
An ongoing financial fraud campaign that uses a new web-inject toolkit dubbed drIBAN has been targeting Italian business banking accounts since at least 2019.
According to Cleafy researchers Federico Valentini and Alessandro Strino, the main objective of drIBAN fraud operations is to infect Windows workstations inside corporate environments in an effort to change legitimate banking transfers made by the victims by changing the beneficiary and transferring money to an unauthorized bank account.
According to the Italian cybersecurity company, the threat actors themselves or their affiliates either manage the bank accounts or are entrusted with laundering the stolen money.
Web injects are a tried-and-true technique used by malware to intercept traffic to and from the server and inject custom scripts on the client side via a man-in-the-browser (MitB) attack.
The fraudulent transactions are frequently carried out via a method known as Automated Transfer System (ATS), which can get beyond bank-installed anti-fraud measures and start unlawful wire transfers from the victim's computer.
Over the years, the operators behind drIBAN have gotten more savvy at avoiding detection and developing effective social engineering strategies, in addition to establishing a foothold for long periods in corporate bank networks.
Cleafy said 2021 was the year when the classic "banking trojan" operation evolved into an advanced persistent threat. Furthermore, there are indications that the activity cluster overlaps with a 2018 campaign mounted by an actor tracked by Proofpoint as TA554 targeting users in Canada, Italy, and the U.K.The attack chain begins with a certified email (or PEC email) in an attempt to lull victims into a false sense of security. These phishing emails come bearing an executable file that acts as a downloader for a malware called sLoad (aka Starslord loader).
A PowerShell loader, sLoad is a reconnaissance tool that collects and exfiltrates information from the compromised host, with the purpose of assessing the target and dropping a more significant payload like Ramnit if the target is deemed profitable.
Offline
The level the threat actors are operating lately is crazy and i wonder how they will easily change legitimate banking transfers made by the victims by changing the beneficiary and transferring money to an unauthorized bank account they create the launder victim fund.
Offline
It's obvious that insecurities maneuver the heart of most webs and banks. Countries are on alert has they suffer this crazy threat. Thesame theft was been carried out in the reserve bank of Banladesh and Russia.
As well.
Offline
Not only banks suffers even in the political system. Imagine votes cast by people in electronic voting machines (EVMs) during polls in the country were being stolen through hacking of the devices, which pose a threat in India democracy.
Offline
Imagine a secured world like UTopia P2P ecosystem been emulated by the world leader
Offline
Actually if all systems algorithm are in decentralized form and programs just as Utopia definitely it can reduce the risk of been hack
Offline
Actually if all systems algorithm are in decentralized form and programs just as Utopia definitely it can reduce the risk of been hack
Yes, you're somehow right because decentralized provides the needed security from the hack, it only gives liberation and prevents manipulation but privacy features are needed to make a means of security from online theft.
Offline
crpuusd;9005 wrote:Actually if all systems algorithm are in decentralized form and programs just as Utopia definitely it can reduce the risk of been hack
Yes, you're somehow right because decentralized provides the needed security from the hack, it only gives liberation and prevents manipulation but privacy features are needed to make a means of security from online theft.
I would since this platforms is stricted from personal info and the advertisement is not allowed so, its a saftey for users to have a wide n free secured explore
Offline
crpuusd;9005 wrote:Actually if all systems algorithm are in decentralized form and programs just as Utopia definitely it can reduce the risk of been hack
Yes, you're somehow right because decentralized provides the needed security from the hack, it only gives liberation and prevents manipulation but privacy features are needed to make a means of security from online theft.
The online threat have always been another phase of attacks on vulnerable web users, it attained in getting leak of data.
Offline
thrive;9136 wrote:crpuusd;9005 wrote:Actually if all systems algorithm are in decentralized form and programs just as Utopia definitely it can reduce the risk of been hack
Yes, you're somehow right because decentralized provides the needed security from the hack, it only gives liberation and prevents manipulation but privacy features are needed to make a means of security from online theft.
The online threat have always been another phase of attacks on vulnerable web users, it attained in getting leak of data.
Therefore to prevent the leak of data, vulnerability, and possible lack of security. It is better to always adopt the use of privacy and decentralization.
Prevent is always better than cure.
Offline
crpuusd;9665 wrote:thrive;9136 wrote:Yes, you're somehow right because decentralized provides the needed security from the hack, it only gives liberation and prevents manipulation but privacy features are needed to make a means of security from online theft.
The online threat have always been another phase of attacks on vulnerable web users, it attained in getting leak of data.
Therefore to prevent the leak of data, vulnerability, and possible lack of security. It is better to always adopt the use of privacy and decentralization.
Prevent is always better than cure.
Forever riches is when you know your account is safe than you being under the umbrella of insecured centralized banks. You are doing the wrong thing if you are not in Utopia p2p ecosystem.
Offline
UTopia tends to serve you better and create more values to the system at large. Remember you are always welcome
Offline