Researchers have found that hackers have revived an old banking scam known as Operation Elemental and have now added a new twist that allows hackers to lock and reset phone passwords. It also offers a fake token generator that tricks the victim into setting up a secure connection with their bank. Now the banking malware intercepts incoming texts, checks to see if they are from the command and control server and if so, carries out the command in real time cleaning out their bank account.before the victim has a chance to understand what is happening. Don Duncan, Security Engineer at NuData Security commented below.
Don Duncan, Security Engineer at NuData Security:
“In this instance, it’s important to reiterate that we should all be following the standard rules of good mobile device hygiene by using a reputable app store and not installing from unknown sources. As for the other aspect of this attack, it uses not just mobile, but also PCs. Using a standard Antivirus/Malware application would help protect users in this case. Because this is a multichannel type of malware co-ordinated between PC and mobile, using a solution that can verify users regardless of the device would be helpful. Solutions exist that can use entity linking, detecting user behavioral patterns across the network and determining if the user is legitimate based on their historical usage.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…