Following the cybersecurity alerts issued earlier this week by Kaspersky Lab, US software company Arbor Networks has released has released two new threat intelligence reports detailing a trojan being used to target South Korean banks and a separate banking Trojan believed to be similar to Zeus, Neverquest and Dyreza.
“With financial institutions underpinning whole economies, they’re a particularly choice target vertical for impactful attack,” the company notes.
“Just recently we have seen an attacks on HSBC, Invest Bank and of course, JP Morgan. This has prompted the UK and US governments to carry out “war games” to test the financial services sector’s resistance to a cyberattack.”
Arbor’s security engineering and response team, aka ASERT, reports that South Korean banking websites require the use of a Novell Public Key Infrastructure (NPKI) authentication certificate, and it is this that the Trojan targets. Using this encrypted data the threat actor uses a fake banking site to secure further details, which can then be used to transfer money.
The team has dubbed the banker ‘Big Bong’ and its threat intelligence report, entitled ‘The Big Bong Theory: Conjectures on a Korean Banking Trojan’ offers an in-depth behavioural analysis of the malware from builder to bot and from installation to exfiltration including obfuscation techniques, certificate use, and virtual private network (VPN)-based communications.
South Korea is not the only country being targeted. The ASERT team has also studied the Corebot banking Trojan. Initially discovered and documented last year by researchers at Security Intelligence, it has since evolved rapidly and, in terms of capabilities such as browser-based web injections, become similar to dominant banking malware such as Zeus, Neverquest and Dyreza – although its impact has so far been much more limited.
However, despite its relative newness, Arbor’s ASERT team predicts “the threat posed by Corebot will increase over the next year or so, perhaps following the same track as those malware families that have gone before it” because it is of such a high calibre. You can find further details here:
ASERT began studying and monitoring Corebot shortly after it was initially documented. An in-depth analysis of Corebot’s inner workings are provided in a threat intelligence report entitled ‘Dumping Core: Analytical Findings on Trojan Corebot’ including coverage of its cryptography, network behaviour and banking targets.
The US money market fund reforms came into effect in 2016 and are already dramatically shaping US fund industry with investors flooding out of prime funds and into government securities. While the reforms are similar, they are not the same. GTNews interviews Yeng Bulter, global head of the cash business at State Street Global Advisors on the differences.
Far and away, the largest financial market on the planet is the foreign exchange currencies market, where on average individuals and organisations trade more than $5 trillion daily. In the FX world, the ability to master the market isn't considered a luxury for treasury officers–it's a necessity.
Using data for predictive analytics is the future of banking success, argued Jean-Laurent Bonnafé, CEO of BNP Paribas, in his session on how the bank is reinventing its approach to innovate with and for corporates.
The top five sectors Asian fintech investors are interested in are data analytics, blockchain, lending, payments and regtech, according to Gary Hwa, EY regional managing partner.