- 칼럼 | AI 에이전트, 지금까지의 어떤 기술과도 다르다
- The $23 Echo Dot deal is a great deal to upgrade your smart home this Black Friday
- Amazon's Echo Spot smart alarm clock is almost half off this Black Friday
- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
US Most Impacted by Data Breaches in the Financial Industry in 2022
The financial sector ranked second across all industries for data breaches in 2022, according to Flashpoint’s 2022 Financial Threat Landscape, published on December 20, 2022.
The US was the most impacted country, followed by Argentina, Brazil and China.
Approximately 57% of these breaches targeting financial institutions worldwide have been attributed to ‘general hacking.’ In comparison, about 6.5% were as a result of ATM skimming, a PIN-stealing technique targeting credit and debit cards by rigging machines with hidden recording devices.
General hacking includes phishing and e-skimming methods and different types of malware, such as ATM malware and ransomware.
While Flashpoint analysts found that “ATM malware represented one of the most popular malware and service offerings in 2022, [they] have [also] observed that threat actors specializing in ATM fraud often share slightly out-of-date techniques and tools, likely out of a desire to protect the most cutting-edge methods for their private use. Over the past year within Flashpoint’s Telegram collections, for example, multiple threat actors used the same three images to advertise ‘deep insert skimmers,’ suggesting that threat actors are less likely to share new tactics, techniques and procedures for free,” the report reads.
“Advertisements for ATM card skimmers or tutorials on how to employ them are commonly featured on popular markets, such as AlphaBay. They commonly sell for between $500 and $1000.”
Another popular type of malware found by Flashpoint in 2022 was banking trojans. “This year, a number of mobile-based banking trojans re-emerged after varying durations of inactivity. In addition, new banking trojans appeared that masquerade as legitimate mobile applications,” the report reads.
Some of the most popular trojans analysts observed in 2022 were Xenomorph, Sova and Teabot.
Flashpoint also saw a few ransomware groups that targeted financial institutions in 2022, including LockBit, Conti and Corp Leaks, an English-language ransomware group possibly affiliated with REvil. However, “the financial sector was not one of the most-targeted sectors for ransomware activity in 2022.”